neutron

Add certificate manager mechanism for VPNaaS IPSec connections

Registered by zhichao zhu on 2017-10-26

This spec introduces a certificate manager mechanism to vpn as a Service (VpnaaS).
In other words，it bring in a new function to support certificate for authentication
when creating VPN IPSec site-to-site connections. As we know, creating IPSec site-to-site
connections only support PSK for authentication and main mode in ike_phase1_mode,
this ipsec connection cannot fulfill authentication successfully in NAT schema.
So we add a certficate manage mechanism to manager cerficate and use certificate
for authentication to solve the problem in NAT schema.

Blueprint information

Status:: Complete

Approver:: None

Priority:: Undefined

Drafter:: zhichao zhu

Direction:: Needs approval

Assignee:: zhichao zhu

Definition:: Obsolete

Series goal:: None

Implementation:: Unknown

Milestone target:: None

Completed by: Rodolfo Alonso on 2022-10-19

Related branches

Related bugs

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bug/1459427,n,z

Addressed by: https://review.openstack.org/515328
add-certificate-to-vpnaas

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

No subscribers.