Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-70927

Support X.509 (SSL/TLS) certificates for Pacemaker Remote configuration

Linking RHIVOS CVEs to...Migration: Automation ...RHELPRIO AssignedTeam ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • None
    • pcs
    • Moderate
    • rhel-ha
    • 40
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • Red Hat Enterprise Linux
    • None
    • None
    • None
    • All
    • Linux
    • None

      Goal

      • As a system administrator, I want to reuse existing host certificates rather than generate a private shared key for encrypting Pacemaker Remote communication.

      Acceptance criteria

      A list of verification conditions, successful functional tests, or expected outcomes in order to declare this story/task successfully completed.

      • Verify that pcs can add a Pacemaker Remote node using private shared keys (currently the only choice)
      • Verify that pcs can add a Pacemaker Remote node using host certificates

      Note that a cluster may only use method or the other, they may not be mixed within the same cluster.

      The underlying capability was added in Pacemaker 3.0.0. See RHEL-7600 documentation tab for configuration details.

              tojeline@redhat.com Tomas Jelinek
              kgaillot@redhat.com Kenneth Gaillot (Inactive)
              Tomas Jelinek Tomas Jelinek
              Cluster QE Cluster QE
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: