Bug 1783970

Summary: [DDF][Security] Rephrase "private key" usage, and explain how to handle expiring certificates
Product: Red Hat OpenStack Reporter: Direct Docs Feedback <ddf-bot>
Component: documentationAssignee: Roger Heslop <rheslop>
Status: CLOSED EOL QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 13.0 (Queens)CC: alee, fherrman, rheslop
Target Milestone: ---Keywords: Triaged, ZStream
Target Release: ---Flags: mlopes: needinfo? (alee)
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-07-10 17:32:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Direct Docs Feedback 2019-12-16 11:08:22 UTC 
This whole section talks in several places about using a "private key"  but in fact what is stored in Barbican is a certificate. I think the text of this section should be revisited and distinguish when it should talk about a certificate versus when it should talk about a private key.

Shouldn't we also address the question of certificate expiration and what must be done when the certificate used to sign an image expires?

Thanks.


Reported by: fherrman

https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/13/html/manage_secrets_with_openstack_key_manager/validate_glance_images#annotations:1b1a2526-9c02-42bc-a8aa-4b15f886c88a
Comment 4 Lon Hohberger 2023-07-10 17:32:42 UTC 
OSP13 support officially ended on 27 June 2023