Bug 2385921

Summary: [RFE][Cephadm][NFS-Ganesha] Cephadm support for SNI (Server Name Indication) for mTLS
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Manisha Saini <msaini>
Component: CephadmAssignee: Shweta Bhosale <shbhosal>
Status: VERIFIED --- QA Contact: Manisha Saini <msaini>
Severity: high Docs Contact:
Priority: unspecified    
Version: 8.1CC: cephqe-warriors, jcaratza, ngangadh, shbhosal, tserlin
Target Milestone: ---Keywords: FutureFeature
Target Release: 9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ceph-19.2.1-236.0.hotfix.BYOK.el9cp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 2392401 (view as bug list) Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2394541    
Bug Blocks: 2392401    

Description Manisha Saini 2025-08-01 11:41:49 UTC 
Description of problem:
================
Tracker for cephadm. Please see full details in BZ - https://bugzilla.redhat.com/show_bug.cgi?id=2381960

Cephadm currently lacks support for specifying servername (SNI) and validate_hostname options.
Need support for same from cephadm.


Version-Release number of selected component (if applicable):


How reproducible:
=============
N/A


Steps to Reproduce:
1.
2.
3.

Actual results:
=============
No support for servername (SNI) and validate_hostname 

Expected results:
==============
Cephadm should allow users to configure:

servername: to specify custom SNI string or disable SNI by setting to an empty string.

validate_hostname: to define expected certificate host name, defaulting to hostname or servername, or disable validation entirely with "".


Additional info: