Bug #50932
closed
rgw: beast: lack of TLS settings
Added by Konstantin Shalygin almost 3 years ago.
Updated over 1 year ago.
Tags:
beast backport_processed
Backport:
pacific octopus nautilus
Description
Currently Beast frontend is lack of TLS options
For example our production civetweb run with options:
"civetweb port=0.0.0.0:80r+443s enable_keep_alive=yes ssl_protocol_version=4 ssl_certificate=/etc/pki/tls/private/prod.pem ssl_cipher_list=ECDHE-ECDSA-CHACHA20-POLY1305"
Also lack of keepalive: https://tracker.ceph.com/issues/48402
Mark as regression, cause civetweb dropped in master
- Related to Bug #50765: impossible to disable TLS 1.0 and 1.1 added
- Status changed from New to In Progress
- Assignee set to Mykola Golub
- Status changed from In Progress to Fix Under Review
- Pull request ID set to 41579
- Backport set to pacific,octopus,nautilus
- Status changed from Fix Under Review to Pending Backport
- Backport changed from pacific,octopus,nautilus to pacific octopus
Hi Casey,
We have plans to backport this to our nautilus based product. For this reason it would be much better for us if this is also backported to nautilus upstream branch, even if the upstream doesn't plan to cut a release any more.
Do you mind if I create the backport ticket and PR for nautilus too? I suppose for nautilus we could backport only the patch that adds a possibility to modify ssl options, without changing the default behaviour.
- Backport changed from pacific octopus to pacific octopus nautilus
- Copied to Backport #51726: nautilus: rgw: beast: lack of TLS settings added
- Tags changed from beast to beast backport_processed
- Status changed from Pending Backport to Resolved
Also available in: Atom
PDF