[openstack-dev] [nova] Confusion over how enable_certificate_validation is meant to be used

Jeremy Stanley fungi at yuggoth.org
Tue Jun 12 14:11:58 UTC 2018


On 2018-06-12 09:00:47 -0500 (-0500), Matt Riedemann wrote:
[...]
> In this scenario, if the user fails to provide trusted certs when
> creating or rebuilding a server, it's going to result in a build
> abort exception (NoValidHost) from the compute. Is that the
> intention?
[...]

It's at least one way to keep a user from accidentally booting an
untrusted/unsigned image, assuming that's a goal for this feature.
-- 
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20180612/fd2b3ad6/attachment.sig>


More information about the OpenStack-dev mailing list