Project

General

Profile

Feature #47776

Add Support customed CA certificate from vault KMS for SSE encryption

Added by Jiffin Tony Thottan over 1 year ago. Updated 7 months ago.

Status:
Resolved
Priority:
Normal
Target version:
-
% Done:

100%

Source:
Tags:
vault encryption
Backport:
pacific
Reviewed:
Affected Versions:
Pull request ID:

Description

The KMS backend vault supports multiple TLS config such as

Vault Client Certificate
Vault Client Key
Vault CA Certificate
Vault TLS Server Name

Currently RGW can communicate with vault using default SSL installed in the system,not with customed one


Related issues

Copied to rgw - Backport #51310: pacific: Add Support customed CA certificate from vault KMS for SSE encryption Resolved

History

#1 Updated by Casey Bodley over 1 year ago

  • Tracker changed from Bug to Feature
  • Tags set to vault encryption

#2 Updated by Matt Benjamin 11 months ago

  • Assignee set to Jiffin Tony Thottan
  • Pull request ID set to 37730

#3 Updated by Matt Benjamin 9 months ago

  • Backport set to pacific

#4 Updated by Jiffin Tony Thottan 9 months ago

I have created Bp branch in my git repo since this PR have conflicts with pacific https://github.com/thotz/ceph/tree/rgwkmsvaultsslsupport-pacific

#5 Updated by Jiffin Tony Thottan 8 months ago

Jiffin Tony Thottan wrote:

I have created Bp branch in my git repo since this PR have conflicts with pacific https://github.com/thotz/ceph/tree/rgwkmsvaultsslsupport-pacific

Any update wrt Pacific backport?

#6 Updated by Jiffin Tony Thottan 7 months ago

  • Status changed from New to Pending Backport
  • Target version set to v16.2.5
  • % Done changed from 0 to 100

#7 Updated by Backport Bot 7 months ago

  • Copied to Backport #51310: pacific: Add Support customed CA certificate from vault KMS for SSE encryption added

#8 Updated by Loïc Dachary 7 months ago

  • Target version deleted (v16.2.5)

#9 Updated by Loïc Dachary 7 months ago

  • Status changed from Pending Backport to Resolved

While running with --resolve-parent, the script "backport-create-issue" noticed that all backports of this issue are in status "Resolved" or "Rejected".

Also available in: Atom PDF