2249984 – [RFE]Cephadm SSL/TLS certificate management. Ability to create Self-Signed Certs(Including SAN modifications)

Bug 2249984 - [RFE]Cephadm SSL/TLS certificate management. Ability to create Self-Signed Certs(Including SAN modifications)

Summary: [RFE]Cephadm SSL/TLS certificate management. Ability to create Self-Signed Ce...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	Cephadm
Sub Component:
Version:	8.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	8.0
Assignee:	Adam King
QA Contact:	Mohit Bisht
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2317218
TreeView+	depends on / blocked

Reported:	2023-11-16 09:43 UTC by daniel parkes
Modified:	2024-11-25 09:00 UTC (History)
CC List:	7 users (show)
Fixed In Version:	ceph-19.1.1-4.el9cp
Doc Type:	Enhancement
Doc Text:	.A self-signed certificate can be generated by cephadm within the Ceph Object Gateway service specification With this enhancement, adding `generate_cert: true` into the Ceph Object Gateway service specification file, enables cephadm to generate a self-signed certificate for the Ceph Object Gateway service. This can be done instead of manually creating the certificate and inserting into the specification file. Using `generate_cert: true` works for the Ceph Object Gateway service, including SAN modifications based on the `zonegroup_hostnames` parameter included in the Ceph Object Gateway specification file. The following is an example of Ceph Object Gateway specification file: ---- service_type: rgw service_id: bar service_name: rgw.bar placement: hosts: - vm-00 - vm-02 spec: generate_cert: true rgw_realm: bar_realm rgw_zone: bar_zone rgw_zonegroup: bar_zonegroup ssl: true zonegroup_hostnames: - s3.example.com - s3.foo.com ---- This specification file would generate a self-signed certificate that includes the following output: ---- X509v3 Subject Alternative Name: DNS:s3.example.com, DNS:s3.foo.com ----
Clone Of:
Environment:
Last Closed:	2024-11-25 09:00:03 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHCEPH-7922	0	None	None	None	2023-11-16 09:44:00 UTC
Red Hat Product Errata	RHBA-2024:10216	0	None	None	None	2024-11-25 09:00:08 UTC

Description daniel parkes 2023-11-16 09:43:31 UTC

Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 2 RHEL Program Management 2023-11-16 09:43:42 UTC

Please specify the severity of this bug. Severity is defined here:
https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity.

Comment 11 errata-xmlrpc 2024-11-25 09:00:03 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Red Hat Ceph Storage 8.0 security, bug fix, and enhancement updates), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2024:10216

Note You need to log in before you can comment on or make changes to this bug.