Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Normal
Fix Version/s: OSSM 2.4.0
Affects Version/s: None
Component/s: Maistra
Labels:
- close-loop-done
- good-first-issue

Story Points:
3
Blocked:
False
Ready:
False
Release Note Status:
In Progress
Git Pull Request:
https://github.com/maistra/istio-operator/pull/1161
Market:

Sprint:
Sprint 59, Sprint 60, Sprint 61, Sprint 62

Target Version:

OSSM 2.4.0

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

After installing the service mesh the secret in control namespace is is stored using sha1

[quicklab@upi-0 ~]$ oc get secrets
NAME TYPE DATA AGE

htpasswd Opaque 2 52d

[quicklab@upi-0 ~]$ oc get secret -n istio-system htpasswd -o json | jq .data.auth | tr -d \" | base64 -d | sed 's/}.*/}REDACTED\n/'
internal:

{SHA}

REDACTED

The SHA indicates SHA-1. In modern best practices, SHA-1 is deprecated and shouldn't be used. We have a request from customer for upgrading SHA-1

is related to

OSSM-8253 MTT: Htpasswd secret created in control plane namespace is using SHA1

Closed

mentioned on

Merge request - Updated US source to: bdd878e [OSSM-1094] Use bcrypt for htpasswd (#1161)

Assignee:: Cameron Garrison

Reporter:: Anand T N (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 2021/09/23 7:00 PM

Updated:: 2024/11/04 7:33 PM

Resolved:: 2024/10/21 12:03 PM