OpenStack Compute (nova)

  1. Bug #1516703
  2. Activity log

Activity log for bug #1516703

Date Who What changed Old value New value Message
2015-11-16 16:47:18 Anna Sortland bug added bug
2015-11-16 16:50:30 Anna Sortland description nova/crypto.py:generate_winrm_x509_cert() generates certs with default SHA-1 digest. The call to 'openssl req' does not specify -digest option nor certificate config file sets digest, so certificates are generated with SHA-1 digest. SHA-1 is not considered to be a secure algorithm. It would be preferable to: 1) let user specify digest algorithm via a config option 2) default to SHA-256 nova/crypto.py:generate_winrm_x509_cert() generates certs with default SHA-1 digest. The call to 'openssl req' does not specify -digest option nor certificate config file sets digest, so certificates are generated with SHA-1 digest. SHA-1 is not considered to be a secure algorithm for certificates' digest. It would be preferable to: 1) let user specify digest algorithm via a config option 2) default to SHA-256
2015-11-17 00:45:31 Wenzhi Yu nova: assignee Wen Zhi Yu (yuywz)
2015-11-17 06:07:55 Wenzhi Yu nova: status New In Progress
2016-02-20 15:36:38 Sean Dague nova: importance Undecided Medium
2016-02-20 15:36:43 Sean Dague tags security
2017-03-21 16:31:20 Maciej Szankin nova: status In Progress New
2017-03-21 16:31:24 Maciej Szankin nova: assignee Wenzhi Yu (yuywz)
2017-06-08 12:20:55 Sean Dague tags security security windows
2017-06-28 16:13:22 Sean Dague nova: status New Confirmed
2020-08-11 07:02:51 Harshavardhan Metla nova: assignee Harshavardhan Metla (harsha24)
2020-09-11 10:56:17 Harshavardhan Metla nova: assignee Harshavardhan Metla (harsha24)