| 2019-06-24 07:32:23 |
Nir Magnezi |
bug |
|
|
added bug |
| 2019-06-24 07:32:39 |
Nir Magnezi |
tripleo: assignee |
|
Nir Magnezi (nmagnezi) |
|
| 2019-06-24 07:42:16 |
Nir Magnezi |
description |
Description of problem:
Initially reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1723051
The following patches added support for Octavia configuration option named: server_certs_key_passphrase:
tripleo-heat-templates https://review.opendev.org/#/c/647467/
tripleo-common https://review.opendev.org/#/c/647413/
puppet-octavia https://review.opendev.org/#/c/647502/
with those, TripleO will auto-generate a passphrase to avoid from falling back to a non-secure default passphrase.
The mentioned passphrase is used for Fernet key and should be 32 chars long. see: https://bugzilla.redhat.com/show_bug.cgi?id=1723051#c3
We should:
1. Generate passphrase in that length.
2. Validate that operator-provided passphrase obeys the same rule. |
Description of problem:
Initially reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1723051
The following patches added support for Octavia configuration option named: server_certs_key_passphrase:
tripleo-heat-templates https://review.opendev.org/#/c/647467/
tripleo-common https://review.opendev.org/#/c/647413/
puppet-octavia https://review.opendev.org/#/c/647502/
with those, TripleO will auto-generate a passphrase to avoid from falling back to a non-secure default passphrase.
The mentioned passphrase is used for Fernet key and should be 32 byte long. see: https://bugzilla.redhat.com/show_bug.cgi?id=1723051#c3
We should:
1. Generate passphrase in that length.
2. Validate that operator-provided passphrase obeys the same rule. |
|
| 2019-06-24 07:43:18 |
Nir Magnezi |
description |
Description of problem:
Initially reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1723051
The following patches added support for Octavia configuration option named: server_certs_key_passphrase:
tripleo-heat-templates https://review.opendev.org/#/c/647467/
tripleo-common https://review.opendev.org/#/c/647413/
puppet-octavia https://review.opendev.org/#/c/647502/
with those, TripleO will auto-generate a passphrase to avoid from falling back to a non-secure default passphrase.
The mentioned passphrase is used for Fernet key and should be 32 byte long. see: https://bugzilla.redhat.com/show_bug.cgi?id=1723051#c3
We should:
1. Generate passphrase in that length.
2. Validate that operator-provided passphrase obeys the same rule. |
Description of problem:
Initially reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1723051
The following patches added support for Octavia configuration option named: server_certs_key_passphrase:
tripleo-heat-templates https://review.opendev.org/#/c/647467/
tripleo-common https://review.opendev.org/#/c/647413/
puppet-octavia https://review.opendev.org/#/c/647502/
with those, TripleO will auto-generate a passphrase to avoid from falling back to a non-secure default passphrase.
The mentioned passphrase is used for Fernet key and should be 32 bytes long. see: https://bugzilla.redhat.com/show_bug.cgi?id=1723051#c3
We should:
1. Generate passphrase in that length.
2. Validate that operator-provided passphrase obeys the same rule. |
|
| 2019-06-24 07:45:56 |
Nir Magnezi |
description |
Description of problem:
Initially reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1723051
The following patches added support for Octavia configuration option named: server_certs_key_passphrase:
tripleo-heat-templates https://review.opendev.org/#/c/647467/
tripleo-common https://review.opendev.org/#/c/647413/
puppet-octavia https://review.opendev.org/#/c/647502/
with those, TripleO will auto-generate a passphrase to avoid from falling back to a non-secure default passphrase.
The mentioned passphrase is used for Fernet key and should be 32 bytes long. see: https://bugzilla.redhat.com/show_bug.cgi?id=1723051#c3
We should:
1. Generate passphrase in that length.
2. Validate that operator-provided passphrase obeys the same rule. |
Description of problem:
Initially reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1723051
The following patches added support for Octavia configuration option named: server_certs_key_passphrase:
tripleo-heat-templates https://review.opendev.org/#/c/647467/
tripleo-common https://review.opendev.org/#/c/647413/
puppet-octavia https://review.opendev.org/#/c/647502/
with those, TripleO will auto-generate a passphrase to avoid from falling back to a non-secure default passphrase.
The mentioned passphrase is used for Fernet key and should be 32 characters long. see: https://bugzilla.redhat.com/show_bug.cgi?id=1723051#c3
We should:
1. Generate passphrase in that length.
2. Validate that operator-provided passphrase obeys the same rule. |
|
| 2019-06-24 07:48:00 |
OpenStack Infra |
tripleo: status |
New |
In Progress |
|
| 2019-07-10 13:17:58 |
OpenStack Infra |
tripleo: status |
In Progress |
Fix Released |
|
| 2019-07-10 18:15:38 |
OpenStack Infra |
tags |
|
in-stable-stein |
|
| 2019-07-29 08:39:47 |
OpenStack Infra |
tags |
in-stable-stein |
in-stable-rocky in-stable-stein |
|
| 2019-08-01 18:01:54 |
OpenStack Infra |
tags |
in-stable-rocky in-stable-stein |
in-stable-queens in-stable-rocky in-stable-stein |
|
