yahoo-eng-team team mailing list archive

[Sri Harsha mekala <1917924@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

Currently all of the openstack component clients do support client
certificate validation during client initialization to support mTLS. The
openstack client provides an option to send client certificates using
the --os-cert, --os-key options.

Horizon currently doesn't support this feature and when the openstack services enforce strict mTLS requirement, the horizon application will fail with the below ssl error
OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')]

This Bug is present in all the versions of OpenStack Horizon.

** Affects: horizon
     Importance: Undecided
     Assignee: Sri Harsha mekala (harshayahoo)
         Status: New

** Changed in: horizon
     Assignee: (unassigned) => Sri Harsha mekala (harshayahoo)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1917924

Title:
  Support passing client certificates for mTLS support

Status in OpenStack Dashboard (Horizon):
  New

Bug description:
  Currently all of the openstack component clients do support client
  certificate validation during client initialization to support mTLS.
  The openstack client provides an option to send client certificates
  using the --os-cert, --os-key options.

  Horizon currently doesn't support this feature and when the openstack services enforce strict mTLS requirement, the horizon application will fail with the below ssl error
  OpenSSL.SSL.Error: [('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')]

  This Bug is present in all the versions of OpenStack Horizon.

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1917924/+subscriptions