Deprecate pki_setup and ssl_setup
Registered by
Adam Young
These functions were written to facilitate development and testing, but should not be used in a production system. The right solution is to use a real CA to issue X509 certificates. For development, we can use Certmonger selfsigned, and for production systems, certmonger talking to a real CA.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Adam Young
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Superseded
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Steve Martinelli
Related branches
Related bugs
Sprints
Whiteboard
(morganfainberg): This is to be merged into the "Remove in Kilo" BP/Spec. The goal is to remove the SSL-options from keystone that are only used for generating certs/self-
(stevemar): 16-02-02, with PKI deprecated we can deprecate these commands too, let's use a bug instead since they are easier to track (bug https:/
(?)