Bug 1813580 - TLS client authentication
Summary: TLS client authentication
Keywords:
Status: MODIFIED
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-octavia
Version: 17.0 (Wallaby)
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: Alpha
: ---
Assignee: OSP Team
QA Contact: Bruna Bonguardo
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-03-14 14:30 UTC by Carlos Goncalves
Modified: 2023-07-21 21:46 UTC (History)
9 users (show)

Fixed In Version: openstack-octavia-8.0.2-1.20220906124106.d187769.el8ost
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
https://bugzilla.redhat.com/show_bug.cgi?id=2127344
Last Closed:
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
OpenStack Storyboard 2002165 0 None None None 2023-07-21 21:46:31 UTC
OpenStack gerrit 612267 0 None MERGED Add client_ca_tls_container_ref to listener API 2023-07-21 21:46:31 UTC
OpenStack gerrit 612268 0 None MERGED Add an option to the Octavia V2 listener API for client cert 2023-07-21 21:46:31 UTC
OpenStack gerrit 612270 0 None MERGED Add new ssl header into Listener for client certificate 2023-07-21 21:46:31 UTC
OpenStack gerrit 612271 0 None MERGED L7rule support client certificate cases 2023-07-21 21:46:31 UTC
OpenStack gerrit 616879 0 None MERGED Add 'client_authentication' in Listener on client 2023-07-21 21:46:31 UTC
OpenStack gerrit 693607 0 None MERGED Add listener client authentication scenario tests 2023-07-21 21:46:31 UTC
Red Hat Issue Tracker OSP-5199 0 None None None 2022-05-24 18:17:20 UTC

Internal Links: 2129029

Description Carlos Goncalves 2020-03-14 14:30:36 UTC 
This allows load balancers to authenticate that the client connecting to it is authorized to connect.

https://docs.openstack.org/octavia/latest/user/guides/basic-cookbook.html#deploy-a-tls-terminated-https-load-balancer-with-client-authentication
Comment 1 Carlos Goncalves 2020-03-16 12:17:16 UTC 
Partially implemented. SDK and dashboard incomplete.
Comment 4 Tom Weininger 2022-09-22 10:35:47 UTC 
The SDK part has been implemented too. Only the dashboard part is missing. Creating a separate BZ for that.
Note You need to log in before you can comment on or make changes to this bug.