[openstack-dev] [tripleo] TLS by default
juliaashleykreger at gmail.com
Wed Mar 14 23:51:14 UTC 2018
On Wed, Mar 14, 2018 at 4:52 AM, Dmitry Tantsur <dtantsur at redhat.com> wrote:
> Just to clarify: only for public endpoints, right? I don't think e.g.
> ironic-python-agent can talk to self-signed certificates yet.
For what it is worth, it is possible for IPA to speak to a self signed
certificate, although it requires injecting the signing private CA
certificate into the ramdisk or iso image that is being used. There
are a few other options that can be implemented, but those may also
lower overall security posture.
More information about the OpenStack-dev