2345489 – [RFE] Cephadm. Add options to configure ingress with re-encrypt options

Bug 2345489 - [RFE] Cephadm. Add options to configure ingress with re-encrypt options

Summary: [RFE] Cephadm. Add options to configure ingress with re-encrypt options

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	Cephadm
Sub Component:
Version:	8.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	medium
Target Milestone:	---
Target Release:	8.1
Assignee:	Adam King
QA Contact:	Vidushi Mishra
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2358898
TreeView+	depends on / blocked

Reported:	2025-02-13 08:22 UTC by daniel parkes
Modified:	2025-06-26 12:26 UTC (History)
CC List:	6 users (show)
Fixed In Version:	ceph-19.2.1-191.el9cp
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	2358898 (view as bug list)
Environment:
Last Closed:	2025-06-26 12:26:04 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHCEPH-10613	0	None	None	None	2025-02-13 08:24:36 UTC
Red Hat Product Errata	RHSA-2025:9775	0	None	None	None	2025-06-26 12:26:11 UTC

Description daniel parkes 2025-02-13 08:22:34 UTC

As part of Epic ISCE-794, we added the HAproxy Passthrough option, but there was no possibility of re-encryption.

Problem:

Customers have requested that we implement full TLS/SSL encryption from the client to the RGW service.

Goal:

Provide configurable options for the customer, where he can choose to re-encrypt or do a passthrough at the ingress/haproxy level. This way, we can support out-of-the-box full TLS/SSL encryption from the client to the RGW for customers who require it.

Testing has already been done by QE on this RH Jira: https://issues.redhat.com/browse/RHCEPHQE-12976

Where they have tested successfully doing re-encryption.

Comment 1 Storage PM bot 2025-02-13 08:22:45 UTC

Please specify the severity of this bug. Severity is defined here:
https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity.

Comment 10 errata-xmlrpc 2025-06-26 12:26:04 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Red Hat Ceph Storage 8.1 security, bug fix, and enhancement updates), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2025:9775

Note You need to log in before you can comment on or make changes to this bug.