Excerpts from Nathan Kinder's message of 2014-03-27 13:25:02 -0700:
> On 03/26/2014 09:51 AM, Clint Byrum wrote:
> > Excerpts from Chris Jones's message of 2014-03-26 06:58:59 -0700:
> >> Hi
> >>
> >> We don't have a strong attachment to stunnel though, I quickly dropped it
> >> in front of our CI
On 03/26/2014 09:51 AM, Clint Byrum wrote:
> Excerpts from Chris Jones's message of 2014-03-26 06:58:59 -0700:
>> Hi
>>
>> We don't have a strong attachment to stunnel though, I quickly dropped it in
>> front of our CI/CD undercloud and Rob wrote the element so we could repeat
>> the deployment.
Hi
On 26 March 2014 16:51, Clint Byrum wrote:
> quite a bit differently than app serving), there is a security implication
> in having the private SSL keys on the same box that runs the app.
>
This is a very good point, thanks :)
--
Cheers,
Chris
_
Excerpts from Chris Jones's message of 2014-03-26 06:58:59 -0700:
> Hi
>
> We don't have a strong attachment to stunnel though, I quickly dropped it in
> front of our CI/CD undercloud and Rob wrote the element so we could repeat
> the deployment.
>
> In the fullness of time I would expect there
Thanks Chris.
Sounds like you're saying building out the apache element may be a sensible
next step?
-Stuart
Hi
We don't have a strong attachment to stunnel though, I quickly dropped it in
front of our CI/CD undercloud and Rob wrote the
Hi
We don't have a strong attachment to stunnel though, I quickly dropped it in
front of our CI/CD undercloud and Rob wrote the element so we could repeat the
deployment.
In the fullness of time I would expect there to exist elements for several SSL
terminators, but we shouldn't necessarily st
Just spotted the openstack-ssl element which uses 'stunnel'...
On Wed, 26 Mar 2014, stuart.mcla...@hp.com wrote:
All,
I know there's a preference for using a proxy to terminate
SSL connections rather than using the native python code.
There's a good write up of configuring the various proxie