[charms] Default SSL Service Endpoints

James Beedy jamesbeedy at gmail.com
Sun Dec 4 18:43:48 UTC 2016


Running into a few bumps deploying keystone charm with SSL [1].

I'm wondering how others feel about having the Openstack charms account for
a heightened level of security by opting to use SSL endpoints over plain
http endpoints by default?

Something tells me having services default to using SSL endpoints, and have
the option to disable SSL, would be a better model then throwing up a
non-SSL Openstack as the default offering (and making this SSL breaks the
nice openstack story we have).

I'm thinking default SSL endpoints would help shed some light on the whole
SSL provisioning (there is an easyrsa charm now), and testing too, making
SSL Openstack something that is more common then not.

Thoughts?


[1] https://bugs.launchpad.net/charms/+source/keystone/+bug/1647193
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju/attachments/20161204/8f8ba382/attachment.html>


More information about the Juju mailing list