Disabling client certificate usage
This patch temporarily disables the usage of the client SSL certificates. The handling of RPC connections had a conceptional flaw, because the certificates lack a proper signature. For this, Ganeti needs to implement a CA, which is already designed (see design-x509-ca.rst) but not implemented yet. This patch keeps most of the client certificate infrastructure intact which was already created and and can be reused, but just disables the actual usage of the certificates in RPC calls till the CA is in place. Signed-off-by:Helga Velroyen <helgav@google.com> Reviewed-by:
Klaus Aehlig <aehlig@google.com>
Showing
Please register or sign in to comment