Bug 1292488
Summary: | [RFE] Allow root CA configuration for SSL enabled Openstack connectivity | ||
---|---|---|---|
Product: | Red Hat CloudForms Management Engine | Reporter: | John Prause <jprause> |
Component: | Providers | Assignee: | Ladislav Smola <lsmola> |
Status: | CLOSED ERRATA | QA Contact: | Aziza Karol <akarol> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 5.5.0 | CC: | adahms, cpelland, dajohnso, jfrey, jhardy, jkrocil, jprause, lsmola, mcornea, mfeifer, obarenbo, rrasouli |
Target Milestone: | GA | Keywords: | FutureFeature, ZStream |
Target Release: | 5.5.2 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: |
With this update, it is now possible to specify the path to a CA certificate for OpenStack providers to allow SSL connectivity.
|
Story Points: | --- |
Clone Of: | 1292409 | Environment: | |
Last Closed: | 2016-02-10 15:29:26 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1292409 | ||
Bug Blocks: |
Comment 2
Ladislav Smola
2016-01-12 17:26:59 UTC
New commit detected on cfme/5.5.z: https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=063a102f11f053e4931cdf40be3ce022f2914f36 commit 063a102f11f053e4931cdf40be3ce022f2914f36 Merge: ccc121c 95847a9 Author: Greg Blomquist <gblomqui> AuthorDate: Tue Jan 12 13:47:39 2016 -0500 Commit: Greg Blomquist <gblomqui> CommitDate: Tue Jan 12 13:47:39 2016 -0500 Merge branch 'bz1292488' into '5.5.z' Bz1292488 OpenStack allow to specify path to CA certificate OpenStack allow to specify path to CA certificate, which will be passed to Excon. 5.5.z BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1292488 Conflict in tests of cherry-pick of: https://github.com/ManageIQ/manageiq/pull/5831 Conflicts: gems/pending/spec/openstack/openstack_handle/handle_spec.rb Conflict is due to should -> expect change for rspec 3 See merge request !709 .../manageiq/providers/openstack/manager_mixin.rb | 9 +- config/vmdb.tmpl.yml | 3 + gems/pending/openstack/openstack_handle/handle.rb | 24 ++++- .../spec/openstack/openstack_handle/handle_spec.rb | 100 ++++++++++++++++++++- 4 files changed, 127 insertions(+), 9 deletions(-) tested on 5.5.2.2.20160121120249_395c086 with SSL configured on 7.3 Copied both CA for undercloud and overcloud to CFME modified in configure-> configuration-> advanced ssl: ssl_ca_file: "/etc/pki/tls/certs/ca-bundle.crt" ssl_ca_path Both undercloud and overcloud with SSL are working Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:0159 |