yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #16580
[Bug 1259011] Re: Certificates cannot be retrieved from the V3 API
** Also affects: keystonemiddleware
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1259011
Title:
Certificates cannot be retrieved from the V3 API
Status in OpenStack Identity (Keystone):
Fix Released
Status in OpenStack Identity (Keystone) Middleware:
New
Status in OpenStack API documentation site:
Fix Released
Status in Python client library for Keystone:
New
Bug description:
Auth_token middleware relies upon the V2 api to provide the
certificates that are required to validate PKI tokens because this
information is not provided by the V3 API.
Longer term i think we should be encouraging deployers to handle their
own certificate distribution as fetching the certificates from the
same source that is issuing tokens is not secure, however for the mean
time we need some way of providing these certificates to token
validators.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1259011/+subscriptions
References