Bug 1581573 - ceph-radosgw: disable NSS PKI db when SSL is disabled
Summary: ceph-radosgw: disable NSS PKI db when SSL is disabled
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat Storage
Component: Ceph-Ansible
Version: 3.0
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: z4
: 3.0
Assignee: Sébastien Han
QA Contact: Yogev Rabl
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-05-23 06:26 UTC by Sébastien Han
Modified: 2018-07-11 18:11 UTC (History)
10 users (show)

Fixed In Version: RHEL: ceph-ansible-3.0.35-1.el7cp Ubuntu: ceph-ansible_3.0.35-2redhat1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-07-11 18:11:11 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github ceph ceph-ansible pull 2620 0 None None None 2018-05-23 06:27:05 UTC
Red Hat Product Errata RHSA-2018:2177 0 None None None 2018-07-11 18:11:51 UTC

Description Sébastien Han 2018-05-23 06:26:25 UTC 
The NSS PKI database is needed only if radosgw_keystone_ssl
is explicitly set to true, otherwise the SSL integration is
not enabled.

It is worth noting that the PKI support was removed from Keystone
starting from the Ocata release, so some code paths should be
changed anyway.
Comment 4 Guillaume Abrioux 2018-05-24 13:43:22 UTC 
fix will be in v3.1.0rc4 and 3.0.35
Comment 12 Sébastien Han 2018-06-11 12:38:58 UTC 
ceph DFG should test this, not ceph QE.
Comment 14 Yogev Rabl 2018-07-02 13:28:59 UTC 
Verified
Comment 16 errata-xmlrpc 2018-07-11 18:11:11 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:2177
Note You need to log in before you can comment on or make changes to this bug.