What is this issue about?
cf-deployment currently skips verification of certificates for certain inter-component communications by default, with an ops file to stop skipping certificate validation.
We would expect the reverse, that cf-deployment be the most secure by default, with an ops file to make it insecure as desired.
What version of cf-deployment are you using?
cf-deployment v17.1.0
Please include the bosh deploy... command, including all the operations files (plus any experimental operation files you're using):
N/A
Please provide output that helps describe the issue:
N/A
What IaaS is this issue occurring on?
N/A
Is there anything else unique or special about your setup?
N/A
Tag your pair, your PM, and/or team!
@mkocher @acrmp
What is this issue about?
cf-deployment currently skips verification of certificates for certain inter-component communications by default, with an ops file to stop skipping certificate validation.
We would expect the reverse, that cf-deployment be the most secure by default, with an ops file to make it insecure as desired.
What version of cf-deployment are you using?
cf-deployment v17.1.0
Please include the
bosh deploy...command, including all the operations files (plus any experimental operation files you're using):N/A
Please provide output that helps describe the issue:
N/A
What IaaS is this issue occurring on?
N/A
Is there anything else unique or special about your setup?
N/A
Tag your pair, your PM, and/or team!
@mkocher @acrmp