Running into a few bumps deploying keystone charm with SSL [1]. I'm wondering how others feel about having the Openstack charms account for a heightened level of security by opting to use SSL endpoints over plain http endpoints by default?
Something tells me having services default to using SSL endpoints, and have the option to disable SSL, would be a better model then throwing up a non-SSL Openstack as the default offering (and making this SSL breaks the nice openstack story we have). I'm thinking default SSL endpoints would help shed some light on the whole SSL provisioning (there is an easyrsa charm now), and testing too, making SSL Openstack something that is more common then not. Thoughts? [1] https://bugs.launchpad.net/charms/+source/keystone/+bug/1647193
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
