Visit the OpenStack Summit page for the latest news, registration and hotels.
Monday, November 3 • 12:30 - 13:10
SSL Everywhere with Ephemeral PKI

Sign up or log in to save this to your schedule and see who's attending!

All eyes are on OpenStack security as this amazing product matures from DevTest plaything to enterprise grade cloud controller. One of the major pain points with securing OpenStack is deployment, configuration and support for SSL. Deploying a CA and integrating it with OpenStack services is hard enough, getting assurance from SSL and ensuring that the libraries using SSL are really working is nearly impossible. Most current guides ignore this part of the setup.

During our presentation we will unveil our solution to both of these problems. We present an open-source Ephemeral PKI system that sidesteps the revocation issues that plague most OpenStack deployments and provides a stateless, HA mechanism for providing certificate services to entire cloud infrastructures, supporting isolated deployments and multiple, per-service trust anchors. We hope this way deploying secure communication will become the norm rather than difficult add-on.

avatar for Robert Clark

Robert Clark

Lead Security Architect, HP
Robert is a HP Distinguished Technologist, the lead security architect for HP Helion OpenStack and the current PTL of the OpenStack Security team. His career has its roots in threat modelling, vulnerability analysis and virtualization security. He is passionate about security and... Read More →

Monday November 3, 2014 12:30 - 13:10
Room 243

Attendees (0)