Bug 1371475 - [RFE] : Support SSL enabled volume via NFS Ganesha [NEEDINFO]
Summary: [RFE] : Support SSL enabled volume via NFS Ganesha
Alias: None
Product: Red Hat Gluster Storage
Classification: Red Hat
Component: nfs-ganesha
Version: rhgs-3.1
Hardware: x86_64
OS: Linux
Target Milestone: ---
: RHGS 3.2.0
Assignee: rjoseph
QA Contact: Ambarish
Depends On:
Blocks: 1311843 1351503 1351530 1362602 1371650
TreeView+ depends on / blocked
Reported: 2016-08-30 09:53 UTC by rjoseph
Modified: 2017-03-23 05:46 UTC (History)
13 users (show)

Fixed In Version: glusterfs-3.8.4-1
Doc Type: Enhancement
Doc Text:
Red Hat Gluster Storage now provides support for NFS-Ganesha to enable Transport Layer Security (SSL) on a management connection between the Ganesha and glusterd services. Libgfapi now checks for the /var/lib/glusterd/secure-access file before making an RPC connection and enables SSL on the management connection if the file is present.
Clone Of: 1340608
Last Closed: 2017-03-23 05:46:08 UTC
lbailey: needinfo? (rjoseph)

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:0486 normal SHIPPED_LIVE Moderate: Red Hat Gluster Storage 3.2.0 security, bug fix, and enhancement update 2017-03-23 09:18:45 UTC

Comment 2 rjoseph 2016-08-30 17:42:05 UTC
Following patch fixes both BZ 1371475 and BZ 1340608

Upstream Master: 

http://review.gluster.org/15072 - Merged
http://review.gluster.org/15073 - Merged

Uostream release-3.8:
http://review.gluster.org/15361 - Post
http://review.gluster.org/15359 - Post

Comment 7 Ambarish 2017-01-30 06:49:27 UTC
Uptil 3.1.3 Ganesha mounts were failing on an SSL enabled setup.

v3/v4 Mounts work fine now with 3.2 bits,basic IO works fine.

Moving the RFE to Verified.

Will open BZs to track failures(if any,during the regression cycle) on more complex tests .

Comment 10 errata-xmlrpc 2017-03-23 05:46:08 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.