Change in ovirt-engine[master]: aaa: engine doesn't trust externally-issued web certificate

mperina at redhat.com mperina at redhat.com
Tue May 31 07:44:31 UTC 2016 

Martin Peřina has submitted this change and it was merged.

Change subject: aaa: engine doesn't trust externally-issued web certificate
......................................................................


aaa: engine doesn't trust externally-issued web certificate

Engine should use configurable trustore
for communication with sso module.

New config variables have been added
to pki conf file to let the user set
custom trustsore for SSO<->Engine
SSL communication. If the admin sets
up custom apache certificates and loads
the certificate into system wide trust
store, the admin can add a new conf
file to point the ENGINE_HTTPS_PKI_TRUST_STORE
and ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD to
the system truststore's location and password.

Change-Id: I35788dea6fff2f4bf4b554f4457591c29db057ed
Bug-Url: https://bugzilla.redhat.com/1336838
Signed-off-by: Ravi Nori <rnori at redhat.com>
---
M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/SsoOAuthServiceUtils.java
M backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SsoUtils.java
M packaging/services/ovirt-engine/ovirt-engine.conf.in
M packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/ca.py
M packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/sso.py
5 files changed, 15 insertions(+), 21 deletions(-)

Approvals:
  Sandro Bonazzola: Looks good to me, approved
  Martin Peřina: Looks good to me, but someone else must approve
  Ravi Nori: Verified
  Jenkins CI: Passed CI tests



-- 
To view, visit https://gerrit.ovirt.org/57812
To unsubscribe, visit https://gerrit.ovirt.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I35788dea6fff2f4bf4b554f4457591c29db057ed
Gerrit-PatchSet: 6
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Ravi Nori <rnori at redhat.com>
Gerrit-Reviewer: Jenkins CI
Gerrit-Reviewer: Martin Peřina <mperina at redhat.com>
Gerrit-Reviewer: Moti Asayag <masayag at redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourfali at redhat.com>
Gerrit-Reviewer: Ravi Nori <rnori at redhat.com>
Gerrit-Reviewer: Sandro Bonazzola <sbonazzo at redhat.com>
Gerrit-Reviewer: Simone Tiraboschi <stirabos at redhat.com>
Gerrit-Reviewer: Yedidyah Bar David <didi at redhat.com>
Gerrit-Reviewer: gerrit-hooks <automation at ovirt.org>

More information about the Engine-commits mailing list