Openstack ‘Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present’

Did you just get error message ‘Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present‘?

This error might present itself when you are performing operations with SWIFT and your container doesn’t have the proper Access-Control-Allow-Origin metadata field set.

This may also occur if you deleted a container or a container was recreated. If such an event occured then the Access-Control-Allow-Origin metadata directive must be set again.

To do so use the the following command and replace the values your for your own.

Also, the below sets the Access-Control-Allow-Origin to * which means any host. For production environment you will want to restrict the Access-Control-Allow-Origin value to known hosts in order to avoid unauthorized uploads to your SWIFT containers.

curl -I -X POST -H 'X-Auth-Token: yoursecrettoken' -H 'X-Container-Meta-Access-Control-Allow-Origin: *' -H 'X-Container-Meta-Access-Expose-Headers: etag location x-timestamp x-trans-id Access-Control-Allow-Origin' https://your_endpoint_url/v1/AUTH_yourauth/yourcontainer_name

How to fix “An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures”

/usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning.

SNIMissingWarning
/usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl
.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.

InsecurePlatformWarning

 

Cause:

Certificate verification in Python 2

Older versions of Python 2 are built with an ssl module that lacks SNI support and can lag behind security updates. For these reasons it’s recommended to use pyOpenSSL.

If you install urllib3 with the secure extra, all required packages for certificate verification on Python 2 will be installed:

pip install urllib3[secure]

You may also have to upgrade you current version of Python.

If you are working with open stack the following commands is a good idea.

$ sudo pip install --upgrade setuptools

Retry your command

$ sudo pip install python-novaclient --upgrade