Nicolas Koehl
bc67c9f502
- Extract and configure Mei Sheng Group CA certificates - Create certificate bundle for proper SSL verification - Add SSL test script to verify connections - Configure environment for trusted SSL connections - Resolve SSL verification issues with Gitea and internal services - Add comprehensive SSL setup documentation Fixes: - Gitea SSL verification now works with CA bundle - Python requests can verify internal SSL certificates - Proper certificate chain established for internal services Note: nomad_mcp hostname has underscore causing SSL hostname mismatch - Service works but requires SSL verification workaround 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
58 lines
2.0 KiB
Python
Executable File
58 lines
2.0 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
"""
|
|
Test SSL connections to Mei Sheng Group services with proper certificate verification.
|
|
"""
|
|
import requests
|
|
import urllib3
|
|
import os
|
|
import sys
|
|
|
|
# Disable only the specific warning for unverified HTTPS requests
|
|
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
|
|
|
|
def test_with_ca_bundle():
|
|
"""Test connections using the CA bundle"""
|
|
ca_bundle = os.path.join(os.path.dirname(__file__), 'meisheng_ca_bundle.pem')
|
|
|
|
print("🔒 Testing with CA Bundle...")
|
|
print(f"📁 CA Bundle: {ca_bundle}")
|
|
|
|
services = [
|
|
("Gitea", "https://gitea.dev.meisheng.group/api/v1/version"),
|
|
("Nomad MCP", "https://nomad_mcp.dev.meisheng.group/api/health"),
|
|
]
|
|
|
|
for name, url in services:
|
|
try:
|
|
response = requests.get(url, verify=ca_bundle, timeout=5)
|
|
print(f"✅ {name}: {response.status_code} - {response.text[:100]}")
|
|
except requests.exceptions.SSLError as e:
|
|
print(f"🔓 {name}: SSL Error - {e}")
|
|
# Try with verification disabled to check if it's just a cert issue
|
|
try:
|
|
response = requests.get(url, verify=False, timeout=5)
|
|
print(f"⚠️ {name}: Works without SSL verification - {response.status_code}")
|
|
except Exception as e2:
|
|
print(f"❌ {name}: Complete failure - {e2}")
|
|
except Exception as e:
|
|
print(f"❌ {name}: Error - {e}")
|
|
|
|
def test_with_system_certs():
|
|
"""Test connections using system certificates"""
|
|
print("\n🔒 Testing with System Certificates...")
|
|
|
|
services = [
|
|
("Gitea", "https://gitea.dev.meisheng.group/api/v1/version"),
|
|
("Nomad MCP", "https://nomad_mcp.dev.meisheng.group/api/health"),
|
|
]
|
|
|
|
for name, url in services:
|
|
try:
|
|
response = requests.get(url, timeout=5)
|
|
print(f"✅ {name}: {response.status_code}")
|
|
except Exception as e:
|
|
print(f"❌ {name}: {e}")
|
|
|
|
if __name__ == "__main__":
|
|
test_with_ca_bundle()
|
|
test_with_system_certs() |