diff --git a/samples/vsphere/common/vapiconnect.py b/samples/vsphere/common/vapiconnect.py index 87380141..7f1c1247 100644 --- a/samples/vsphere/common/vapiconnect.py +++ b/samples/vsphere/common/vapiconnect.py @@ -31,7 +31,7 @@ def get_jsonrpc_endpoint_url(host): return "https://{}/api".format(host) -def connect(host, user, pwd, skip_verification=False, suppress_warning=True): +def connect(host, user, pwd, skip_verification=False, cert_path=None, suppress_warning=True): """ Create an authenticated stub configuration object that can be used to issue requests against vCenter. @@ -44,6 +44,8 @@ def connect(host, user, pwd, skip_verification=False, suppress_warning=True): session = requests.Session() if skip_verification: session = create_unverified_session(session, suppress_warning) + elif cert_path: + session.verify = cert_path connector = get_requests_connector(session=session, url=host_url) stub_config = StubConfigurationFactory.new_std_configuration(connector) diff --git a/samples/vsphere/vcenter/vm/list_vms.py b/samples/vsphere/vcenter/vm/list_vms.py index 65e2b11f..eedec7f3 100644 --- a/samples/vsphere/vcenter/vm/list_vms.py +++ b/samples/vsphere/vcenter/vm/list_vms.py @@ -14,10 +14,14 @@ """ import atexit +import socket +import re from samples.vsphere.common import vapiconnect from samples.vsphere.common.sample_util import parse_cli_args from samples.vsphere.common.sample_util import pp from com.vmware.vcenter_client import VM +from samples.vsphere.common.sample_cli import build_arg_parser +from samples.vsphere.common.sample_util import process_cli_args """ Demonstrates getting list of VMs present in vCenter @@ -30,10 +34,31 @@ cleardata = False def setup(context=None): - global stub_config, cleardata - server, username, password, cleardata, skip_verification = parse_cli_args() + global stub_config, cleardata, cert_path + parser = build_arg_parser() + parser.add_argument('-cpath', '--cert_path', + action='store', + help='Verify vCenter Server certificate') + args = parser.parse_args() + + server, username, password, cleardata, skip_verification = process_cli_args(args) + + # Check if either of skipverification or cert_path is passed as an argument + cert_path = None + if args.cert_path: + if re.match('\d+[.]\d+[.]\d+[.]\d+', server): + try: + server = socket.gethostbyaddr(server)[0] + except Exception as e: + print("SERVER IS NOT REACHABLE {}".format(e)) + cert_path = args.cert_path + if not skip_verification and not cert_path: + raise Exception("skipverification or cert_path required") + print("cert_path = {}".format(cert_path)) + + # Connect to VAPI stub_config = vapiconnect.connect(server, username, password, - skip_verification) + skip_verification, cert_path=cert_path) atexit.register(vapiconnect.logout, stub_config)