Description of problem: When using Keystone to Authenticate Ceph Object Gateway User, while configuring civetweb we are giving the rgw_keystone_admin_password as plain text in ceph.conf as mentioned in our doc[1]. The documents says there are 2 ways to configure civetweb users; as plain text user/password or token based. But Red Hat recommends disabling authentication by admin token in production environments. Will it be possible to set up a secure authentication process, avoiding the unencrypted password in the configuration file ceph.conf, like encrypted password? [1] https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/2/html-single/using_keystone_to_authenticate_ceph_object_gateway_users/index Version-Release number of selected component (if applicable): 3.* How reproducible: Always
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0020