[#NETCONF-489] Add TLS support for connecting to a netconf device

[NETCONF-489] Add TLS support for connecting to a netconf device Created: 04/Dec/17 Updated: 16/Sep/19 Resolved: 07/Aug/18
Status:	Resolved
Project:	netconf
Component/s:	netconf
Affects Version/s:	None
Fix Version/s:	Oxygen

Type:

Improvement

Priority:

Medium

Reporter:

Guosheng Li

Assignee:

Unassigned

Resolution:

Done

Votes:

Labels:

None

Remaining Estimate:

Not Specified

Time Spent:

Not Specified

Original Estimate:

Not Specified

Description

The netconf project only support the SSH protocol which has been not meet the mobile operators' needs, so it will make sense to add TLS protocol to the netconf project. The TLS is complex, so it will be devided into several patches, such as certificate management, tls client, tls callhome and so on. I will commit these patches one after another timely.

Comments

Comment by Jakub Morvay [ 07/Aug/18 ]

fix:
https://git.opendaylight.org/gerrit/#/c/67711/

Comment by Jakub Morvay [ 07/Sep/18 ]

follow-up patches:
https://git.opendaylight.org/gerrit/#/c/67954/
https://git.opendaylight.org/gerrit/#/c/68000/
https://git.opendaylight.org/gerrit/#/c/68523/
https://git.opendaylight.org/gerrit/#/c/69254/
https://git.opendaylight.org/gerrit/#/c/69245/
https://git.opendaylight.org/gerrit/#/c/69481/
https://git.opendaylight.org/gerrit/#/c/69597/
https://git.opendaylight.org/gerrit/#/c/70209/

Comment by Paweł Baniewski [ 16/Sep/19 ]

liguosheng: I have reviewed all merge requests listed in comments above and couldn't find any option to disable hostname verification (I know, not secure indeed) . Can you confirm that current implementation doesn't allow such option and by default hostname verification is enabled?

Generated at Wed Feb 07 20:15:10 UTC 2024 using Jira 8.20.10#820010-sha1:ace47f9899e9ee25d7157d59aa17ab06aee30d3d.

[NETCONF-489] Add TLS support for connecting to a netconf device Created: 04/Dec/17 Updated: 16/Sep/19 Resolved: 07/Aug/18