Bug 1583585

Summary: [RFE] Revoke access from nodes using Certificate Revoke List in SSL
Product: [Red Hat Storage] Red Hat Gluster Storage Reporter: Sonal <sarora>
Component: glusterfsAssignee: Mohit Agrawal <moagrawa>
Status: CLOSED ERRATA QA Contact: Vinayak Papnoi <vpapnoi>
Severity: low Docs Contact:
Priority: medium    
Version: unspecifiedCC: amukherj, apaladug, bkunal, mchangir, moagrawa, nchilaka, puebele, rhs-bugs, rik.theys, sheggodu, vbellur, vdas
Target Milestone: ---Keywords: FutureFeature, ZStream
Target Release: RHGS 3.5.0Flags: mchangir: needinfo-
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: glusterfs-6.0-3 Doc Type: Enhancement
Doc Text:
Administrators can now prevent nodes with revoked certificates from accessing the cluster by adding a banned node's certificate to a Certificate Revocation List file, and specifying the file's path in the new ssl.crl-path volume option.
 Story Points: ---
Clone Of:
: 1687326 (view as bug list) Environment:
Last Closed: 2019-10-30 12:19:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1687326    
Bug Blocks: 1657798, 1674379, 1696806    

Comment 7 Sonal 2018-12-31 08:49:27 UTC 
Hi Vivek,

Could we have more information on if option ssl.crl-path is tested?

Regards,
Sonal Arora
Comment 14 Sachin P Mali 2019-02-01 10:24:27 UTC 
Hi Bipin,
This bug need through testing around SSL area not only respect to this bug. QE has to look for other areas around SSL. Because of that we have pushed this issue to next release.
We can plan to cover  all SSL related issues in one release.
Comment 15 Sachin P Mali 2019-02-01 18:16:49 UTC 
Hi Bipin, 
After analyzing this bug , we came to an agreement that QE will participate only in certificate revoke validation. Hence we are considering  this bug for BU4
Comment 42 Sunil Kumar Acharya 2019-05-13 07:07:28 UTC 
Restoring other needinfo
Comment 55 errata-xmlrpc 2019-10-30 12:19:38 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2019:3249