4f1c5db809
The 'docker_registry', 'tpm_mode', and 'openstack' cert on the SystemController will have a CN and SAN with OAM IP Address, any related DNS Names for OAM IP Address and MGMT IP Address. If these certificate are synched to the subclouds, even if they are signed by a trusted CA, when any client connects to the subcloud OAM or MGMT IP, the certificate that comes back will not pass certificate validation because the certificate does not apply to the subcloud's IP Address. For this reason a fix is put in place to avoid only sync "ssl_ca" and "openstack_ca" certificates to subclouds. Change-Id: I17ac94d79beb04f559c46062dbe7826590fcdb06 Signed-off-by: Jessica Castelino <jessica.castelino@windriver.com> Closes-Bug: 1865643 |
||
---|---|---|
.. | ||
api | ||
cmd | ||
common | ||
db | ||
drivers | ||
engine | ||
objects | ||
rpc | ||
tests | ||
__init__.py | ||
config-generator.conf | ||
version.py |