Bug 1089703 - [RFE] rhc x509 support
Summary: [RFE] rhc x509 support
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: RFE
Version: 2.1.0
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: ---
: ---
Assignee: Brenton Leanhardt
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 1096391 1124864
TreeView+ depends on / blocked
 
Reported: 2014-04-21 17:34 UTC by Eric Rich
Modified: 2018-12-06 16:19 UTC (History)
8 users (show)

Fixed In Version: rhc-1.28.5.1-1.el6op
Doc Type: Enhancement
Doc Text:
Clone Of:
: 1096391 1124864 (view as bug list)
Environment:
Last Closed: 2014-08-26 13:52:12 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1095 0 normal SHIPPED_LIVE Red Hat OpenShift Enterprise 2.1.5 bug fix and enhancement update 2014-08-26 17:51:34 UTC

Comment 3 Eric Rich 2014-04-21 18:45:37 UTC 
It looks like an attempt at this was made https://github.com/openshift/rhc/pull/486
Comment 4 Luke Meyer 2014-04-22 12:52:50 UTC 
Would the customer also like to use their x509 cert with the management console?

I realize this is a request for rhc functionality, just wondering if they realize the console is a different kettle of fish.
Comment 5 Eric Rich 2014-04-22 13:07:19 UTC 
As long as the the management console follows the same authentication model as the the console and the broker wiring up X509 put to this should not be hard (as httpd offloads the authentication).
Comment 6 Luke Meyer 2014-04-22 14:04:55 UTC 
I had to look at the actual confs and requests to update my understanding. The console does the authentication and then just passes the user back to the broker. So this will work with x509 auth the same as it would with the broker. So ignore my comment 4.
Comment 7 Ken Evensen 2014-04-28 14:47:38 UTC 
(In reply to Luke Meyer from comment #4)
> Would the customer also like to use their x509 cert with the management
> console?
> 
> I realize this is a request for rhc functionality, just wondering if they
> realize the console is a different kettle of fish.

Yes, the customer would like to use the x509 cert with the management console.
Comment 10 Ken Evensen 2014-05-15 13:23:35 UTC 
I'm just curious if there has been any progress on this RFE.  We are at a point in our deployment where this would be useful.

Please let us know if there is anything you need from the onsite team.
Comment 11 Brenton Leanhardt 2014-05-15 13:27:04 UTC 
We'll be rebasing the rhc pull request for x509 as soon as possible.  It's one of our next highest priority tasks.
Comment 13 Ken Evensen 2014-05-21 12:32:23 UTC 
(In reply to Eric Rich from comment #3)
> It looks like an attempt at this was made
> https://github.com/openshift/rhc/pull/486

For what its worth, I implemented the changes in the pull.  We've had success getting RHC to do what we need it to do.
Comment 23 Brenton Leanhardt 2014-08-08 14:55:14 UTC 
*** Bug 1096391 has been marked as a duplicate of this bug. ***
Comment 29 errata-xmlrpc 2014-08-26 13:52:12 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1095.html
Note You need to log in before you can comment on or make changes to this bug.