Bug 1585022
Summary: | [downstream clone - 4.2.4] Add option to configure cipher list available for encrypted connections | ||
---|---|---|---|
Product: | Red Hat Enterprise Virtualization Manager | Reporter: | RHV bug bot <rhv-bugzilla-bot> |
Component: | vdsm | Assignee: | Piotr Kliczewski <pkliczew> |
Status: | CLOSED ERRATA | QA Contact: | Jiri Belka <jbelka> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 4.2.0 | CC: | amashah, lsurette, mgoldboi, mkalinin, mperina, pmatyas, pstehlik, srevivo, trichard, ycui, ykaul |
Target Milestone: | ovirt-4.2.4 | Keywords: | ZStream |
Target Release: | --- | Flags: | pmatyas:
testing_plan_complete+
|
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: |
This release adds a new 'ssl_ciphers' option to VDSM, which allows you to configure available ciphers for encrypted connections (for example, the Manager to VDSM, or VDSM to VDSM). The values of this option conform to OpenSSL standard.
To set this option:
1. Move the host to Maintenance in the Manager.
2. Create a new /etc/vdsm/vdsm.conf.d/99-custom-ciphers.conf file with the following content:
[vars]
ssl_ciphers = <VALUE>
where <VALUE> is one of the values described in the CIPHERS STRINGD section in https://www.openssl.org/docs/man1.0.2/apps/ciphers.html.
3. Restart VDSM.
4. Activate the host in the Manager.
|
Story Points: | --- |
Clone Of: | 1585008 | Environment: | |
Last Closed: | 2018-06-27 10:02:46 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | Infra | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1585008, 1641455 | ||
Bug Blocks: | 1577594 |
Description
RHV bug bot
2018-06-01 07:28:49 UTC
ok, vdsm-4.20.29-1.el7ev.x86_64 # cat /etc/vdsm/vdsm.conf.d/99-custom-ciphers.conf [vars] ssl_ciphers = HIGH tested migration between non-updated and updated vdsm hosts in 4.2 env Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2018:2072 BZ<2>Jira Resync sync2jira sync2jira |