[openstack-dev] [Magnum] TLS Support in Magnum
yuanying at oeilvert.org
Tue Jun 16 06:30:36 UTC 2015
2015年6月16日(火) 3:00 Tom Cammann <tom.cammann at hp.com>:
> At the summit we talked about using Magnum as a CA and signing the
> certificates, and we seemed to have some consensus about doing this with
> possibility of using Anchor. This would take a lot of the onus off of
> the user to
> fiddle around with openssl and craft the right signed certs safely. Using
> Magnum as a CA the user would generate a key/cert pair, and then get the
> cert signed by Magnum, and the kube node would do the same. The main
> downside of this technique is that the user MUST trust Magnum and the
> administrator as they would have access to the CA signing cert.
I'm not sure about Anchor.
You mean, Anchor can be used for implementation of Magnum as a CA.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev