Cannot import CA from Vault

Bug #1845039 reported by Przemyslaw Hausman on 2019-09-23
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
charm-openstack-service-checks
Medium
Unassigned

Bug Description

In deployments that use vault as a data store for certificates, charms are expected to be able to consume a 'tls-certificates' relation in order to receive CA certificates.

The openstack-service-checks charm does not implement such a relation, and is thus unable to validate the keystone certificate.

The workaround is to explicitly set trusted_ssl_ca in the openstack-service-checks charm for now.

Xav Paice (xavpaice) on 2020-02-24
Changed in charm-openstack-service-checks:
importance: Undecided → Medium
status: New → Triaged
Narinder Gupta (narindergupta) wrote :

It seems just providing trusted_ssl_ca does not resolves the problem fully as cacert is not save and nagios-novarc is not rendered with trusted_ssl_ca.

https://bugs.launchpad.net/charm-openstack-service-checks/+bug/1882822

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers