Keystone and Horizon are the default external access routes to
OpenStack.
The default package configuration still uses http.
Added to quantal release notes.
** Changed in: keystone (Ubuntu)
Status: Triaged => Fix Released
** Changed in: horizon (Ubuntu)
Status: Triaged => Fix Rele
** Changed in: horizon (Ubuntu)
Assignee: (unassigned) => James Page (james-page)
** Changed in: keystone (Ubuntu)
Assignee: (unassigned) => James Page (james-page)
** Changed in: keystone (Ubuntu Precise)
Status: Triaged => Fix Released
** Changed in: horizon (Ubuntu Precise)
Why do we keep horizon and keystone tasks?
By the way, I think it's possible to mitigate this issue in Keystone
using Apache. See http://adam.younglogic.com/2012/04/keystone-httpd/ to
set it up and be able to use https:// for Keystone.
--
You received this bug notification because you are a memb
** Changed in: ubuntu-release-notes
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/978963
Title:
add release note that OpenStack should be used on a prote
Keystone cannot be mitigated by post install customizations AFAIK.
Horizon can be delivered through standard https.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/978963
Title:
add release note that
@dstrand: Please comment if you want further additions.
** Changed in: ubuntu-release-notes
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/978963
Title:
add relea
Release Note Added:
* The default install of Openstack should be used on a protected
network, as many components use http (non-SSL) as a transport, and
therefore subject to security concerns. This can be mitigated by post
install customisations.
https://wiki.ubuntu.com/PrecisePangolin/ReleaseNot
