Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1421204 - Allow TLSv1.2 during protocol negotiation for external provider communication
Allow TLSv1.2 during protocol negotiation for external provider communication
Status: CLOSED CURRENTRELEASE
Product: ovirt-engine
Classification: oVirt
Component: BLL.Infra (Show other bugs)
---
Unspecified Unspecified
unspecified Severity high (vote)
: ovirt-4.1.3
: 4.1.3
Assigned To: Martin Perina
Jiri Belka
: Improvement
Depends On:
Blocks: RHV_TLS_1_2_SUPPORT
  Show dependency treegraph
 
Reported: 2017-02-10 10:24 EST by Martin Perina
Modified: 2017-07-06 09:19 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Previous versions of Red Hat Virtualization were able to negotiate encryption protocol up to TLSv1 for external provider communication. This update adds the the ability to negotiate encryption protocol up to TLSv1.2. Note: The exact version used for communication depends on highest version available on the external provider target.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-07-06 09:19:36 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Infra
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
rule-engine: ovirt‑4.1+
mgoldboi: planning_ack+
mperina: devel_ack+
lsvaty: testing_ack+

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 72083 master MERGED core: Allow TLSv1.2 for external provider communication 2017-03-24 09:23 EDT
oVirt gerrit 76940 ovirt-engine-4.1 MERGED core: Allow TLSv1.2 for external provider communication 2017-05-17 09:06 EDT

  None (edit)
Description Martin Perina 2017-02-10 10:24:49 EST 
Description of problem:

Currently we allow protocol negotiation only up to TLSv1.0. We should remove this limit and allow negotiation up to TLSv1.2 for communication with external providers like Foreman, Neutron or Glance.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 3 Jiri Belka 2017-06-20 11:18:49 EDT 
ok, ovirt-engine-4.1.3.4-0.1.el7.noarch (Version: TLS 1.2 (0x0303)

check with wireshark and satellite private keys while adding satellite as external provider
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.