mirrors/octavia

Gregory Thiemonge

Add SKI and AKI extensions to amphora certificates
Python 3.13 enables VERIFY_X509_STRICT by default in SSL contexts,
which enforces RFC 5280 compliance for X.509 certificates. This
caused TLS handshake failures between octavia-worker and amphorae
because the locally generated certificates were missing the Subject
Key Identifier (SKI) and Authority Key Identifier (AKI) extensions.
This change adds both extensions to certificates generated by the
local certificate generator, ensuring compatibility with Python 3.13+
and OpenSSL strict verification mode.
Closes-Bug: #2146740
Change-Id: I4fd6b76a8856fff82c5e37b279f5991ecd436ab3
Co-Authored-By: Claude Opus 4.5 noreply@anthropic.com
Signed-off-by: Gregory Thiemonge gthiemon@redhat.com

19天前4461次提交

api-refUse only spaces in example response9个月前
binUpdate scripts to use fips allowed algorithms4年前
devstackMerge "devstack: install/uninstall redis - remove code for SUSE"25天前
diskimage-createAdd support for centos-10-stream & rocky 106个月前
docdocs: add OpenStack-Ansible as an installation method 11个月前
elementsAdd support for centos-10-stream & rocky 106个月前
etcSupport file watcher to trigger GMR report1年前
httpdRemove option for apache < 2.47个月前
octaviaAdd SKI and AKI extensions to amphora certificates19天前
playbooksAdd c10s jobs6个月前
releasenotesAdd SKI and AKI extensions to amphora certificates19天前
specs-testsDisable seqdiag in the spec docs2年前
specsRemove use of sphinxcontrib-*diag packages1年前
toolsRemove unused amphora flow and status constants7个月前
zuul.dMerge "Add c10s jobs"2个月前
.coveragercDeclare we use threads and processes for coverage2年前
.gitignoreFix missing stestr10个月前
.gitreviewOpenDev Migration Patch7年前
.pre-commit-config.yamlAdd pyupgrade hook to pre-commit config2年前
.pylintrcFix pep8 with pylint 3.3.01年前
.stestr.confGatefix: Migrate from testr to stestr8年前
CONSTITUTION.rstDocumentation updates4年前
CONTRIBUTING.rstUpdate the bug tracker links in the doc (switch to Launchpad)3年前
HACKING.rstRemove duplicate hacking checks1年前
LICENSEPopulate repository with common initial files11年前
README.rstRemove url tags from README4个月前
TESTING.rstFix remaining reference to Python 3.81年前
bindep.txtGenerate PDF documentation6年前
pyproject.tomlAdd pyproject.toml to support pip 23.111个月前
requirements.txtMerge "Exclude Taskflow 6.0.0"2个月前
setup.cfgMigrate upper functional job to Python 3.134个月前
setup.pyCleanup py27 support3年前
test-requirements.txtFix issues related to pkg_resources module2个月前
tox.iniMigrate upper functional job to Python 3.134个月前

关于

python shell jinja

README.md

19.3 MB

邀请码

加入我们
官网邮箱：gitlink@ccf.org.cn

QQ群

公众号