Bug#882297: tracker.debian.org: Get rid of InsecureRequestWarning
Package: tracker.debian.org
Severity: important
since we switched to Python 3 on tracker.debian.org, the cron tasks
are generating annoying warnings. The following commands (at least) are
affected:
./manage.py tracker_run_all_tasks
./manage.py tracker_update_pseudo_packages
The warning shown is this one:
/usr/lib/python3/dist-packages/urllib3/connectionpool.py:845: InsecureRequestWarning: Unverified HTTPS
request is being made. Adding certificate verification is strongly advised. See:
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
We need to investigate what code is causing this. I suspect one of the places
where it happens is within pysimplesoap so it might not be trivial to fix. We might
want to work-around by disabling this specific warning in the place where we use
pysimplesoap.
But in general this should be fixed as we want TLS certificates to be verified.
Or maybe the code is fine in the general case and we are only hit by the debian.org
way of managing TLS certificates:
https://wiki.debian.org/ServicesSSL
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
Reply to: