Change in ovirt-engine[ovirt-engine-4.0]: aaa: engine doesn't trust externally-issued web certificate

piotr.kliczewski at gmail.com piotr.kliczewski at gmail.com
Tue May 31 07:56:32 UTC 2016 

Piotr Kliczewski has submitted this change and it was merged.

Change subject: aaa: engine doesn't trust externally-issued web certificate
......................................................................


aaa: engine doesn't trust externally-issued web certificate

Engine should use configurable trustore
for communication with sso module.

New config variables have been added
to pki conf file to let the user set
custom trustsore for SSO<->Engine
SSL communication. If the admin sets
up custom apache certificates and loads
the certificate into system wide trust
store, the admin can add a new conf
file to point the ENGINE_HTTPS_PKI_TRUST_STORE
and ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD to
the system truststore's location and password.

Change-Id: I35788dea6fff2f4bf4b554f4457591c29db057ed
Bug-Url: https://bugzilla.redhat.com/1336838
Signed-off-by: Ravi Nori <rnori at redhat.com>
---
M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/SsoOAuthServiceUtils.java
M backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SsoUtils.java
M packaging/services/ovirt-engine/ovirt-engine.conf.in
M packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/ca.py
M packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/sso.py
5 files changed, 15 insertions(+), 21 deletions(-)

Approvals:
  Martin Peřina: Verified; Passed CI tests
  Moti Asayag: Looks good to me, approved



-- 
To view, visit https://gerrit.ovirt.org/58322
To unsubscribe, visit https://gerrit.ovirt.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I35788dea6fff2f4bf4b554f4457591c29db057ed
Gerrit-PatchSet: 2
Gerrit-Project: ovirt-engine
Gerrit-Branch: ovirt-engine-4.0
Gerrit-Owner: Martin Peřina <mperina at redhat.com>
Gerrit-Reviewer: Jenkins CI
Gerrit-Reviewer: Martin Peřina <mperina at redhat.com>
Gerrit-Reviewer: Moti Asayag <masayag at redhat.com>
Gerrit-Reviewer: Piotr Kliczewski <piotr.kliczewski at gmail.com>
Gerrit-Reviewer: Ravi Nori <rnori at redhat.com>
Gerrit-Reviewer: gerrit-hooks <automation at ovirt.org>

More information about the Engine-commits mailing list