[openstack-dev] [Barbican][Neturon] Cred management for ssl-vpn
Nachi Ueno
nachi at ntti3.com
Wed May 7 22:44:13 UTC 2014
Hi Barbican folks
I'm trying to rewrite existing ssl-vpn bp with integration with barbican.
so I'm really appliciate if I can get your input.
In original proposal, we have vpn credential resource who has followings
- id
- ca (PEM encoded)
- server_certificate (PEM encoded)
- server_key (PEM encoded)
- dh (PEM encoded)
- crl (PEM encoded)
We have also ssl-vpn-connection resource who has
credential_id
https://wiki.openstack.org/wiki/Neutron/VPNaaS/SSLVPN
IMO, we can remove vpn credential resources completely if we use Barbican.
What's I'm thinking is having payload something like this.
{"payload": {
"ca" : "xxx",
'server_key': 'xxx"
}}
Is this good idea in Barbican context?
Best
Nachi
More information about the OpenStack-dev
mailing list