Hello, As part of the proposed changed by the Security Squad [1], we'd like the deployment to use TLS by default. The first target is to get the undercloud to use it, so a patch has been proposed recently [2] [3]. So, just wanted to give a heads up to people. This should be just fine from a quickstart/testing point of view, since we explicitly set the value for autogenerating certificates in the undercloud [4] [5]. Note that there are also plans to change these defaults for the containerized undercloud and the overcloud. BR [1] https://etherpad.openstack.org/p/tripleo-security-squad [2] https://review.openstack.org/#/c/552382/ [3] https://review.openstack.org/552781 [4] https://github.com/openstack/tripleo-quickstart-extras/blob/master/roles/extras-common/defaults/main.yml#L15 [5] https://github.com/openstack/tripleo-quickstart-extras/blob/master/roles/undercloud-deploy/templates/undercloud.conf.j2#L117 -- Juan Antonio Osorio R. e-mail: jaosorior at gmail.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20180314/e5959ce2/attachment.html>