Comment 12 for bug 1924816

Joe Guo (guoqiao) wrote :

After more digging, I discovered that this issue is not caused by urllib3 1.25.4 or OpenSSL 1.1.1.

The urllib3 bug: https://github.com/urllib3/urllib3/issues/1682

It was really about:

When you access a self-signed HTTPS URL with HTTPS verification turned off,
you still get a CERTIFICATE_VERIFY_FAILED error, since urllib3 still verified it by mistake.

That is fixed in 1.25.5: https://github.com/urllib3/urllib3/compare/1.25.4...1.25.5

However, in our case, we are not turning off HTTPS verification.
Instead, we expect that our cert is installed on the system and that requests/urllib3 can find it and verify OK.
But we actually get this error:

    unit.openstack-service-checks/0.juju-log Failed to create endpoint checks due issue communicating with Keystone. Error:
    Keystone ssl error when listing SSL exception connecting to https://10.0.8.91:35357/v3/auth/tokens:
    HTTPSConnectionPool(host='10.0.8.91', port=35357): Max retries exceeded with url:
    /v3/auth/tokens (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED]
    certificate verify failed (_ssl.c:852)'),)): endpoints