Description of problem: Encryption of internal API traffic has been a very high priority for RHOSP. We have been making steady progress to deliver coverage for all internal services, and need to ensure that OpenDaylight is covered as well. TripleO already has TLS/SSL support for other services and we need to add support with OepnDaylight where possible: From Southbound with OVS it looks to be supported [1][2][3]. Northbound SSL REST is documented as well [4]. This feature will require changes to TripleO and puppet-opendaylight as well. [1] http://docs.openvswitch.org/en/latest/howto/ssl/ [2] https://wiki.opendaylight.org/view/OpenDaylight_OpenFlow_Plugin:_TLS_Support [3] https://wiki.opendaylight.org/view/AAA:Secure_TLS_communication [4] https://wiki.opendaylight.org/view/OpenDaylight_Controller:SSL_RestConf
Checked with: 2018-05-10.3 There is still this bug: https://bugzilla.redhat.com/show_bug.cgi?id=1572173 but it's being investigated and there is a reasonable workaround.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2018:2086