Comment 5 for bug 520270
Revision history for this message
| chris grzegorczyk (chris-grze) wrote Re: [Bug 520270] Re: Support SSL for web services | #5 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
Sorry, I was unclear. My suggestion was to convert this into a bug
about being able to configure the default endpoint (HTTP vs HTTPS)
which is generated in eucarc. Currently, the eucarc always contains
the HTTP url.
cheers.
chris
On Thu, Feb 11, 2010 at 1:02 PM, Dustin Kirkland
<email address hidden> wrote:
> Hmm, from what I read from Chris, this should be fix-released for Lucid,
> right?
>
> Again, Robert, can you take a gander at Lucid?
>
> --
> Support SSL for web services
> https:/
> You received this bug notification because you are a bug assignee.
>
> Status in Eucalyptus: Invalid
> Status in “eucalyptus” package in Ubuntu: New
>
> Bug description:
> The 8443 admin web page has an SSL certificate, but there doesn't seem to be a SSL web services port (or if it is in fact 8443, then that isn't documented).
>
> While you can't replay or forge requests made over port 80 | 8773, you can sniff and observe them, and some organisations and software refuse to do non-SSL web service requests. Landscape, for instance, requires users of UEC to setup a tunnel so that it is not making cleartext requests.
>
> We should ship SSL by default, with a just-in-time self signed cert, and clear instructions for upgrading to a publically issued certificate.
>
>
>