python-barbicanclient

Bug #1479439
Comment #1

Comment 1 for bug 1479439

Revision history for this message

Brianna Poulos (brianna-poulos) wrote on 2015-07-29:

Note that the certificate payload can be retrieved through the CLI without any issues, so it doesn't appear to be a problem with the creation of the certificate.

From CLI:
~/devstack$ barbican secret get http://localhost:9311/v1/secrets/8ec681e6-145d-4e72-99c7-8a354af6696f --payload
Starting new HTTP connection (1): 10.109.24.227
Starting new HTTP connection (1): localhost
+---------+------------------------------------------------------------------+
| Field | Value |
+---------+------------------------------------------------------------------+
| Payload | -----BEGIN CERTIFICATE----- |
| | MIICgzCCAWsCECCYIEMsaETJsaf+z9ryNxkwDQYJKoZIhvcNAQELBQAwXDELMAkG |
| | A1UEBhMCWFgxDjAMBgNVBAgTBVVuc2V0MQ4wDAYDVQQHEwVVbnNldDEOMAwGA1UE |
| | ChMFVW5zZXQxHTAbBgNVBAMTFFNuYWtlb2lsIENlcnRpZmljYXRlMB4XDTE1MDcy |
| | OTE3MzA0N1oXDTE1MDcyOTE3NDI1N1owKDEUMBIGA1UEChMLZXhhbXBsZS5jb20x |
| | EDAOBgNVBAMTB3NlcnZlcjEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMuu |
| | gzIK2zuz5p3qHfUVn5EnjlJqTsMjal+Hw1x0RLvCEgMPIYj+qHzp2SFOh5g2GUDz |
| | rk7zxXBt6K5e25W/wWVXZe5l/J/Pva0q1+jOdMXI+ozQnoA6wRYE2cO26fZLRUkW |
| | QGcnLMgfzsnuRKT2H9VTAA5ygcff/TdGrBcalhftAgMBAAEwDQYJKoZIhvcNAQEL |
| | BQADggEBAAmgO+4jwoINsts+9ynIUFSWjxBvb/89g0x2K/Of3lXd1XfiqHI3oOXl |
| | jpTfbwET7wiykc+MYIFvgDr0zQwXDRpYPk26x7HhlPuHyDSp0KMruIOzkCUbjqfu |
| | 6lttenTvqWloNrf+HSpgLuigHXta9H4GvCVvKzvgyRXt5AgRifc1OkJO7rXWMQ7V |
| | Z9z/XhIOHwyQpU1gT6P+BR460Sc8Ba7U7AT+36IXIHS9Um2ndbNM3i+Gy15/M5Aj |
| | ajAOWGB/dokHQg+kz1M9sgNzYEKkXC5ivuwSJMwvB5J+LjBkj/nSG5MsoIju+a/+ |
| | pQDNWViJBf2Edx32bUOHqnaZ4UIwzig= |
| | -----END CERTIFICATE----- |
| | |
+---------+------------------------------------------------------------------+
~/devstack$

From python:
>>> certificate = barbican.secrets.get('http://localhost:9311/v1/secrets/8ec681e6-145d-4e72-99c7-8a354af6696f')
>>> certificate
Secret(secret_ref="http://localhost:9311/v1/secrets/8ec681e6-145d-4e72-99c7-8a354af6696f")
>>> certificate.payload
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/opt/stack/python-barbicanclient/barbicanclient/secrets.py", line 188, in payload
    self._fetch_payload()
  File "/opt/stack/python-barbicanclient/barbicanclient/secrets.py", line 259, in _fetch_payload
    payload = self._api._get_raw(payload_url, headers=headers)
  File "/opt/stack/python-barbicanclient/barbicanclient/client.py", line 79, in _get_raw
    return self.request(path, 'GET', *args, **kwargs).content
  File "/opt/stack/python-barbicanclient/barbicanclient/client.py", line 63, in request
    self._check_status_code(resp)
  File "/opt/stack/python-barbicanclient/barbicanclient/client.py", line 103, in _check_status_code
    status
barbicanclient.exceptions.HTTPClientError: Not Acceptable
>>> certificate.payload_content_type
u'application/pkix-cert'
>>>

Note that the certificate payload can be retrieved through the CLI without any issues, so it doesn't appear to be a problem with the creation of the certificate.

From CLI:
~/devstack$ barbican secret get http://localhost:9311/v1/secrets/8ec681e6-145d-4e72-99c7-8a354af6696f --payload
Starting new HTTP connection (1): 10.109.24.227
Starting new HTTP connection (1): localhost
+---------+------------------------------------------------------------------+
| Field   | Value                                                            |
+---------+------------------------------------------------------------------+
| Payload | -----BEGIN CERTIFICATE-----                                      |
|         | MIICgzCCAWsCECCYIEMsaETJsaf+z9ryNxkwDQYJKoZIhvcNAQELBQAwXDELMAkG |
|         | A1UEBhMCWFgxDjAMBgNVBAgTBVVuc2V0MQ4wDAYDVQQHEwVVbnNldDEOMAwGA1UE |
|         | ChMFVW5zZXQxHTAbBgNVBAMTFFNuYWtlb2lsIENlcnRpZmljYXRlMB4XDTE1MDcy |
|         | OTE3MzA0N1oXDTE1MDcyOTE3NDI1N1owKDEUMBIGA1UEChMLZXhhbXBsZS5jb20x |
|         | EDAOBgNVBAMTB3NlcnZlcjEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMuu |
|         | gzIK2zuz5p3qHfUVn5EnjlJqTsMjal+Hw1x0RLvCEgMPIYj+qHzp2SFOh5g2GUDz |
|         | rk7zxXBt6K5e25W/wWVXZe5l/J/Pva0q1+jOdMXI+ozQnoA6wRYE2cO26fZLRUkW |
|         | QGcnLMgfzsnuRKT2H9VTAA5ygcff/TdGrBcalhftAgMBAAEwDQYJKoZIhvcNAQEL |
|         | BQADggEBAAmgO+4jwoINsts+9ynIUFSWjxBvb/89g0x2K/Of3lXd1XfiqHI3oOXl |
|         | jpTfbwET7wiykc+MYIFvgDr0zQwXDRpYPk26x7HhlPuHyDSp0KMruIOzkCUbjqfu |
|         | 6lttenTvqWloNrf+HSpgLuigHXta9H4GvCVvKzvgyRXt5AgRifc1OkJO7rXWMQ7V |
|         | Z9z/XhIOHwyQpU1gT6P+BR460Sc8Ba7U7AT+36IXIHS9Um2ndbNM3i+Gy15/M5Aj |
|         | ajAOWGB/dokHQg+kz1M9sgNzYEKkXC5ivuwSJMwvB5J+LjBkj/nSG5MsoIju+a/+ |
|         | pQDNWViJBf2Edx32bUOHqnaZ4UIwzig=                                 |
|         | -----END CERTIFICATE-----                                        |
|         |                                                                  |
+---------+------------------------------------------------------------------+
~/devstack$