Public bug reported:
Both of these tools generate Self-signed CA certificates. As such,
they are only appropriate for development deployments, and should be
treated as such. While sites with mature PKI policies would recognize
this, that majority of people new to Open Stack are not PKI experts, and
are using the provided tools. The
http://docs.openstack.org/developer/keystone/configuration.html
#certificates-for-pki should state this clearly.
** Affects: keystone
Importance: Undecided
Assignee: Adam Young (ayoung)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Adam Young (ayoung)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1291366
Title:
documentation should advice against using pki_setup and ssl_setup
Status in OpenStack Identity (Keystone):
New
Bug description:
Both of these tools generate Self-signed CA certificates. As such,
they are only appropriate for development deployments, and should be
treated as such. While sites with mature PKI policies would recognize
this, that majority of people new to Open Stack are not PKI experts,
and are using the provided tools. The
http://docs.openstack.org/developer/keystone/configuration.html
#certificates-for-pki should state this clearly.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1291366/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
