cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Will Stevens <wstev...@cloudops.com>
Subject Handling Self Signed Certs
Date Thu, 06 Jun 2013 16:08:47 GMT
Hey All,
I am building integration between CS and an external Palo Alto Firewall
device.  The API calls to the PA device are done over HTTPS.  In some cases
(like testing or a POC), it makes sense to use a self signed cert for this
connection.

Currently I have a little http client wrapper which allows the use of a
self signed cert.  Obviously, I do not want to use the wrapper when a real
cert is used.

What I am thinking of doing is adding a checkbox on the 'Add Palo Alto
Device' configuration overlay with an option for 'Using a self signed
cert'.  If this checkbox is checked, then the http client wrapper is used
so the self signed cert will not throw errors, if it is not checked, the
the http client wrapper will not be used and errors will be thrown if the
cert is not valid.

Is this a realistic approach to this problem?  Is this problem handled in
other parts of the system in a different way?

Thanks,

Will

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message