HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.
The product does not validate, or incorrectly validates, a certificate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Compute | Openstack | 2013.1 (including) | 2013.1 (including) |
| Keystone | Openstack | 2013 (including) | 2013 (including) |
| Openstack | Redhat | 3.0 (including) | 3.0 (including) |
| Openstack | Redhat | 4.0 (including) | 4.0 (including) |
| Cinder | Ubuntu | devel | * |
| Cinder | Ubuntu | quantal | * |
| Cinder | Ubuntu | raring | * |
| Keystone | Ubuntu | devel | * |
| Keystone | Ubuntu | precise | * |
| Keystone | Ubuntu | quantal | * |
| Keystone | Ubuntu | raring | * |
| Nova | Ubuntu | devel | * |
| Nova | Ubuntu | precise | * |
| Nova | Ubuntu | quantal | * |
| Nova | Ubuntu | raring | * |
| Python-keystoneclient | Ubuntu | devel | * |
| Python-keystoneclient | Ubuntu | precise | * |
| Python-keystoneclient | Ubuntu | quantal | * |
| Python-keystoneclient | Ubuntu | raring | * |
| Python-keystoneclient | Ubuntu | upstream | * |
| Quantum | Ubuntu | precise | * |
| Quantum | Ubuntu | quantal | * |
| Quantum | Ubuntu | raring | * |