Re: [Libguestfs] [PATCH v5 4/4] v2v: Add -o rhv-upload output mode.

On 03/08/2018 12:57 PM, Nir Soffer wrote: >On Thu, Mar 8, 2018 at 11:37 AM Richard W.M. Jones > +# Connect to the server. > +connection = sdk.Connection( > +    url = params['output_conn'], > +    username = username, > +    password = output_password, > +    ca_file = params['rhv_cafile'], > +    log = logging.getLogger(), > +    insecure = True,        # XXX? > > >ovirt-imageio authentication is based on the assumption that the >secret random url is passed from engine  to the user via https. >if this access engine using clear text then yes it is bad :-) > >Ondra, can you explain the semantics of incsecure=True? I can see you are using 'ca_file' attribute. So you should use insecure=True, only when user don't pass ca_file. If you pass insecure=True we don't validate certificate, but https still can be used. Preferred is of course using ca_file to validate certificates.