Improve TLS handling with Fuel (hash, upload mechanism)
Bug #1501970 reported by
Adam Heczko
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Fuel for OpenStack |
Triaged
|
Medium
|
Fuel Sustaining | ||
| Mitaka |
Won't Fix
|
Medium
|
Fuel Python (Deprecated) | ||
| Newton |
Triaged
|
Medium
|
Fuel Sustaining | ||
Bug Description
With Fuel 7.0 we did a good job and introduced TLS termination of Fuel / nginx, Apache2 / Horizon, HAProxy / API endpoints.
But current implementation still requires at least the following improvements:
1. For self-signed certs, change hash algorithm from SHA1 to SHA256 [1]
2. Provide better certificate and key upload mechanism with Fuel Web, and allow uploading key and certificate in two separate files.
References:
[1] http://
Revision history for this message
| Alex Schultz (alex-schultz) wrote | #1 |
Revision history for this message
| Adam Heczko (aheczko-mirantis) wrote | #2 |
| Changed in fuel: | |
| assignee: | nobody → Fuel Python Team (fuel-python) |
| importance: | Undecided → Medium |
| status: | New → Triaged |
Revision history for this message
| Stanislaw Bogatkin (sbogatkin) wrote | #3 |
| Changed in fuel: | |
| milestone: | none → 5.1.1-updates |
| milestone: | 5.1.1-updates → 8.0 |
Revision history for this message
| Adam Heczko (aheczko-mirantis) wrote | #4 |
Revision history for this message
| Adam Heczko (aheczko-mirantis) wrote | #5 |
| tags: | added: area-python |
| tags: | added: feature |
Revision history for this message
| Alexander Kislitsky (akislitsky) wrote | #6 |
| Changed in fuel: | |
| milestone: | 8.0 → 9.0 |
To post a comment you must log in.
#1 was addressed by bug 1488993 and was fixed by Ic2e522f125be6b