[Pulp-list] Pulp 2.4.0-0.25.beta and SSL changes
Sayli Karmarkar
skarmark at redhat.com
Mon Jul 21 21:36:59 UTC 2014
Pulp 2.4.0-0.25.beta is now available in our beta repositories -http://repos.fedorapeople.org/repos/pulp/pulp/beta/2.4/
It contains a few important security related fixes among other bug-fixes. We have added the functionality to create new CA and SSL certs during pulp install. We do not use self-signed SSL certificates generated by mod_ssl anymore. This lets API users as well as admin and consumer client users validate the server SSL certificate against trusted CA certificate, avoiding the possibility of MITM attack. Users can also generate and configure their own CA and SSL certificates easily. More information about these fixes and the additional steps needed to be performed are documented at following locations in the installation guide -
http://pulp-user-guide.readthedocs.org/en/latest/installation.html#ssl-validation
http://pulp-user-guide.readthedocs.org/en/latest/installation.html#admin-trusted-ca-installtion
http://pulp-user-guide.readthedocs.org/en/latest/installation.html#consumer-trusted-ca-installtion
Upgrading instructions are also updated for these SSL changes at -
http://pulp-user-guide.readthedocs.org/en/latest/release-notes/2.4.x.html
Give it a go!
Thanks,
--
Sayli Karmarkar
Software Engineer
Systems Management and Cloud Enablement
http://www.redhat.com
More information about the Pulp-list
mailing list