Chapter 9. Object Storage in OpenStack Security Guide - current - apache recommendation
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openstack-manuals |
Fix Released
|
High
|
Darren Chan |
Bug Description
In the "Use SSL/TLS" section, it states
"The current work around is to not use the built-in web server but an alternative web server instead that supports sending both the public server certificate as well as the CA signing authorities intermediate certificate(s)"
Instead of recommending a different web server, the current best-practice is to use an SSL-terminator like stud, haproxy, etc. Running Swift behind Apache isn't a deployment pattern that is well-tested at scale.
-------
Built: 2014-10-07T20:57:52 00:00
git SHA: a73b82c01ee6798
URL: http://
source File: file:/home/
xml:id: object-storage
Changed in openstack-manuals: | |
milestone: | none → juno |
status: | New → Confirmed |
importance: | Undecided → High |
status: | Confirmed → Triaged |
tags: | added: swift |
Changed in openstack-manuals: | |
assignee: | nobody → Darren Chan (dazzachan) |
Fix proposed to branch: master /review. openstack. org/127419
Review: https:/