Much of OpenStack is hard-coded to use http instead of https. Of particular interest is keystone which is the identity service for OpenStack. https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/UbuntuCloud should state that accessing OpenStack over an unprotected network may expose credentials and other information. This is true (at least) when:
* keystone is on a separate server from the other OpenStack components
* horizon (the OpenStack Dashboard) is on a different system than keystone
* users access OpenStack remotely
Much of OpenStack is hard-coded to use http instead of https. Of particular interest is keystone which is the identity service for OpenStack. https:/ /wiki.ubuntu. com/PrecisePang olin/ReleaseNot es/UbuntuCloud should state that accessing OpenStack over an unprotected network may expose credentials and other information. This is true (at least) when:
* keystone is on a separate server from the other OpenStack components
* horizon (the OpenStack Dashboard) is on a different system than keystone
* users access OpenStack remotely
Adding horizon and keystone tasks.