Create a section that outlines setting up SSL for Ironic in the Bare Metal Provisioning Guide. This has been requested by Summer Long from the security team, following a review of the draft document. Some options for SSL are in ironic.conf, both for setting up communication with the Image server, and for any server in general.
Assigning to myself for review.
Due to current scheduling restrictions and given the scope of work required for this bug, I am returning this bug to the default assignee to be re-triaged as the schedule allows.
Hi! Does it even need fixing? I think we're able to setup SSL for all services nowadays..
(In reply to Dmitry Tantsur from comment #5) > Hi! Does it even need fixing? I think we're able to setup SSL for all > services nowadays.. Hi Dmitry, Do you mean via director? I see that director integration was added in RHOSP 10, but in RHOSP 8 and 9, the Bare Metal Provisioning service is configured manually, so this request was to add a procedure for manually configuring SSL. Is such a procedure still required for manual configurations, and could you help with providing the steps?
Ah, got it. No, sorry, I don't know how to configure SSL in this case, but it's probably the same as for other services, modulo port numbers.