Need to be able to retrofit tls everywhere on an existing deployment
Bug #1830235 reported by
Ade Lee
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
Medium
|
Ade Lee |
Bug Description
Description
===========
We need to be able to retrofit existing overcloud deployments with TLS everywhere to improve security.
Ideally, the undercloud would be prepped by deploying novajoin and enrolling with FreeIPA. Then the overcloud can be re-deployed with the correct templates to generate the required certs and secure the internal endpoints.
Need to have this backported back to Queens.
Changed in tripleo: | |
status: | New → In Progress |
assignee: | nobody → Ade Lee (alee-3) |
summary: |
- Need to ba able to retrofit tls everywhere on an existing deployment + Need to be able to retrofit tls everywhere on an existing deployment |
Changed in tripleo: | |
milestone: | none → train-1 |
Changed in tripleo: | |
importance: | Undecided → Medium |
status: | In Progress → Fix Released |
To post a comment you must log in.
Related fix proposed to branch: stable/stein /review. opendev. org/661019
Review: https:/