← Back to team overview

openstack team mailing list archive

Resolved: Grizzly-3 Keystone SSL Connection Refused


Looks like there's a bug in pki_setup. It didn't generate the SSL certs, only the signing certs. Workaround is to make ssl using the signing certs for now.

enable = True
certfile = /etc/keystone/ssl/certs/signing_cert.pem
keyfile = /etc/keystone/ssl/private/signing_key.pem
ca_certs = /etc/keystone/ssl/certs/ca.pem
cert_required = False

Also, if your keystone process is not running as root, make sure the file permissions for the pem files are set properly.


From: openstack-bounces+mark.m.miller=hp.com@xxxxxxxxxxxxxxxxxxx [mailto:openstack-bounces+mark.m.miller=hp.com@xxxxxxxxxxxxxxxxxxx] On Behalf Of Miller, Mark M (EB SW Cloud - R&D - Corvallis)
Sent: Thursday, March 14, 2013 2:31 PM
To: openstack@xxxxxxxxxxxxxxxxxxx (openstack@xxxxxxxxxxxxxxxxxxx)
Subject: [Openstack] Grizzly-3 Keystone SSL Connection Refused


I was able to setup a Grizzly-2 Keystone server with PKI and SSL enabled on an Ubuntu 12.04 server. I updated to Grizzly-3 and am able to enable PKI but not SSL. I get "Connection refused". Has anyone else run into this problem? Does anyone else have SSL working with Grizzly-3 Keystone?



Follow ups