a27b5c418a
This commit adds the ability for Octavia to make use of PKCS7 intermediate certificate bundles. These PKCS7 bundles may be in PEM or DER format. This feature is being added since barbican specifies that this is the preferred format for intermediate bundles in secret containers. This commit also re-arranges and/or strengthens several of our existing tests of TLS / SNI functionality and in the process also fixes a bug where encrypted private keys were not uploaded to amphorae in a format that haproxy can readily parse. I have also added several sample or dummy certificates which can be used for an up-coming scenario test which exercises TLS-termination capabilities of Octavia. Change-Id: I14e394bbf48456d2e2a7bbefcc777a1b6f4b83e4 Closes-Bug: #1627356 Closes-Bug: #1627367
7 lines
197 B
YAML
7 lines
197 B
YAML
---
|
|
features:
|
|
- Adds support for PKCS7 PEM or DER encoded intermediate certificate bundles
|
|
for TERMINATED_HTTPS listeners.
|
|
fixes:
|
|
- Resolves an issue with using encrypted TLS private keys.
|