Hello,
My logs are filled with tons of warnings : "Unsupported SSL context options are set. The following options are present, but have been ignored: allow_self_signed, cafile"
I've seen a previous issue that was asking for this but the thread quickly slid to another issue.
So I wanted to be sure that the proposed solution is ok (aka verify = false) and what's causing this log.
Is the proposed solution viable in the long term? Is there any other workaround? Is there an official patch scheduled?
Thanks for your help.
@jfradj,
I will need to take some time to reacquaint myself with the details of this issue and do some digging to see if I can find some answers. Hope to come back with some further details soon.
@dwsupplee,
Did you managed to dig a little on this issue?
We've put on production one of our new quite big project (a mobile backend for multiple apps serving hundreds of thousands users) and almost every request log a warning about the SSL Context so we have tons a trash logs and we cannot properly monitor our project...
Using an advanced filter doesn't seems to help since filtering out "SSL Context" removes any logs containing that words, of course, even entries containing other important/real/useful logs.
We would like to not change all our logs to use a higher level (like LOG_ERR) just to be able to filter all te warnings.
Is there any workaround (even a bad and ugly one) just to wait patiently?
Thanks for your help.
@jfradj, my apologies for the delay on a response. I haven't had an opportunity to look into this yet, but plan to tomorrow. Setting verify to false when using the stream handler may be acceptable, but I would like to ensure that before I recommend it. Thank you for your patience!
@jfradj,
Do you know if you are utilizing the native stream handler? If so, I believe what we're running in to is that guzzle is setting those options in their StreamHandler.
We have a few options, let me know if either work:
StreamHandler and comment out the lines setting the options which aren't handled by app engine.require 'vendor/autoload.php';
use Google\Cloud\PubSub\PubSubClient;
use GuzzleHttp\Client;
use GuzzleHttp\HandlerStack;
use Psr\Http\Message\RequestInterface;
$streamHandler = new MyCustomStreamHandler(); // Your implementation of guzzle's StreamHandler with commented out code
$handler = HandlerStack::create($streamHandler);
$guzzleClient = new Client(['handler' => $handler]);
$pubsub = new PubSubClient([
'httpHandler' => function(RequestInterface $request, array $options = []) use ($guzzleClient) {
return $guzzleClient->send($request, $options);
}
]);
@dwsupplee,
You're right we're using the default StreamHandler and indeed it's setting those values.
Writing our own StreamHandler is a solution but we have to maintain its stability by hand.
I've to (re)check the doc but I thought that by using cURL we'll have to pay more and/or have other quota limits.
Anyway, thanks for your help.
Cheers,
Johann
Writing our own StreamHandler is a solution but we have to maintain its stability by hand.
If you are able to stay pinned to a specific version of guzzle it shouldn't become an issue. This would be a workaround until we can figure out how/if we can disable the warning on the app-engine side. :)
You're right, I think I'll do that.
For now I've directly commented the code in the lib just to be sure all the warnings are disabled!
Thanks again
It's working, so I'll stick to the current version of Guzzle and make my own Handler.
Thanks for your help
No problem! That's great to hear, glad you were able to get the noise reduced.