Stein Series Release Notes

Stein Series Release Notes¶

1.2.3¶

Bug Fixes¶

Add a new parameter, verify_ssl_path, that can be used to configure the path to CA certs when verifying requests to Barbican.

1.2.1¶

Bug Fixes¶

Fixed VaultKeyManager.create_key() to consider the length param as bits instead of bytes for the key length. This was causing a discrepancy between keys generated by the HashiCorp Vault backend and the OpenStack Barbican backend. Considering km as an instance of a key manager, the following code km.create_key(ctx, “AES”, 256) was generating a 256 bit AES key when Barbican is configured as the backend, but generating a 2048 bit AES key when Vault was configured as the backend.

1.2.0¶

New Features¶

Added support for AppRole based authentication to the Vault key manager configured using new approle_role_id and optional approle_secret_id options. (https://www.vaultproject.io/docs/auth/approle.html)

Added configuration option to the Vault key manager to allow the KV store mountpoint in Vault to be specified; the existing default of ‘secret’ is maintained.

this page last updated: 2024-11-19 11:16:45

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.