[Openstack-security] [Bug 1662558] Re: Nexenta disabling certificate verification

Eric Harney 1662558 at bugs.launchpad.net
Fri Mar 2 10:43:18 UTC 2018 

** Changed in: cinder
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1662558

Title:
  Nexenta disabling certificate verification

Status in Cinder:
  Confirmed

Bug description:
  Nexenta is making reqeust calls with verify=False which disables SSL certificate checks in the following file:
  cinder/volume/drivers/nexenta/ns5/jsonrpc.py

  As suggested in this patch set
  (https://review.openstack.org/#/c/426385/), this bug is being opened
  in order to either fix the checks or add comments in the driver
  explaining why this is safe.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1662558/+subscriptions

More information about the Openstack-security mailing list