[Openstack-security] [Bug 1375857] Re: It's not possibile to pass the cacert to the swift store
OpenStack Infra
1375857 at bugs.launchpad.net
Wed Jan 7 23:03:49 UTC 2015
Reviewed: https://review.openstack.org/125338
Committed: https://git.openstack.org/cgit/openstack/glance_store/commit/?id=6b2cdbf4e608e38a6471093c77e5dd5792ab8532
Submitter: Jenkins
Branch: master
commit 6b2cdbf4e608e38a6471093c77e5dd5792ab8532
Author: Andrea Rosa <andrea.rosa at hp.com>
Date: Wed Oct 1 13:10:47 2014 +0100
Define a new parameter to pass CA cert file
This change adds a new parameter for the swift store driver that allows
to speficy the name of the CA cert file to use in the SSL connections for
verifying certificates. This parameter is passed to the swiftclient in
the creation of the connection. The parameter is called "swift_store_cacert".
This change corresponds to change
I4cbfae3c1ac84d6c85875d34a58dd2a87ae85d6f in glance.
Change-Id: I5b356170ec82d033204e22f79c862201400a0a31
Closes-bug: 1375857
DocImpact
** Changed in: glance
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1375857
Title:
It's not possibile to pass the cacert to the swift store
Status in OpenStack Image Registry and Delivery Service (Glance):
Fix Committed
Status in OpenStack Glance backend store-drivers library (glance_store):
In Progress
Bug description:
The swift store device defined in the glance store doesn't allow to pass the ca cert file. When the driver creates a connection via the swift client it is not possible to pass that value.
That means that if we have swift running on TLS in some cases we have to set the insecure option equals to True as the client can't correctly complete the handshake as it fails on the verification of the cert.
The fix I'd like to propose is to add a new parameter to define the ca
cert file and pass this value when we create the connection via the
swift client.
To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1375857/+subscriptions
More information about the Openstack-security
mailing list