Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Major
Fix Version/s: CNV v4.13.0
Affects Version/s: None
Component/s: CNV Virtualization
Labels:
- cnv-4+
- cnvbugsm
- devel_ack+
- pm_ack+
- qa_ack+

Story Points:
8
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
BZ Status:
CLOSED
BZ URL:
https://bugzilla.redhat.com/show_bug.cgi?id=2139235
Bugzilla Bug:
RHBZ: 2139235
[QE] How to address?:
---
[QE] Why QE missed?:
---
Intelligence Requested:
Market:

Sprint:
CNV Virtualization Sprint 231, CNV Virtualization Sprint 232
Severity:
High

Regression:
None

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Description of problem:
HCO and SSP need to have ECDHE-ECDSA-AES128-GCM-SHA256 cipher enabled

But Kubevirt needs ECDHE-RSA-AES128-GCM-SHA256

Not sure if it is by design, but personally I would think we need adhere to the same standard.
Currently, we have to be sure that both of these ciphers are present, otherwise some components become non-responding

Version-Release number of selected component (if applicable):
4.12

Actual results:
CNV components use different ciphers

Expected results:
CNV components use the same cipher

blocks

CNV-23410 [2153527] unlike other CNV components, Kubevirt uses its own cipher for tls 1.2

Closed

external trackers

Github kubevirt/kubevirt/pull/9127

Github kubevirt/kubevirt/pull/9345

Red Hat Errata Tool 101182

Red Hat Issue Tracker CNV-22162

Red Hat Product Errata RHSA-2023:3205

(1 external trackers)

Assignee:: Federico Fossemo

Reporter:: Denys Shchedrivyi

QA Contact:: Kedar Bidarkar

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2022/11/01 10:45 PM

Updated:: 2023/08/25 1:07 PM

Resolved:: 2023/05/18 2:55 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates