allow an operator to provide a CA Cert for Trove Controller: support self-signed certificates on the openstack controller
Bug #1539182 reported by
Amrith Kumar
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack DBaaS (Trove) |
New
|
Undecided
|
Unassigned |
Bug Description
Currently there's no way to provide the cacert to trove controller (and guest) so that self-signed certificates can be used.
Changed in trove: | |
assignee: | Amrith Kumar (amrith) → nobody |
To post a comment you must log in.
Consider a scenario where an operator uses a self-signed certificate for their Nova, Cinder, Swift, Glance, ... service end points.
Then, if a client wants to connect to them on https:// and verify the identity etc as SSL requires, then they would need a CA Cert. Currently Trove controller has no way to use this, and it isn't just the 3 trove services but also the guest.
A blueprint on this will be forthcoming.