yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1155361] Re: keystone-manage pki_setup does not create pem files

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Wed, 29 May 2013 08:46:58 -0000
Reply-to: Bug 1155361 <1155361@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: keystone
       Status: Fix Committed => Fix Released

** Changed in: keystone
    Milestone: None => havana-1

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1155361

Title:
  keystone-manage pki_setup does not create pem files

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  Looks like there’s a bug in pki_setup. It didn’t generate the SSL
  certs, only the signing certs. Workaround is to make ssl using the
  signing certs for now.

  [ssl]
  enable = True
  certfile = /etc/keystone/ssl/certs/signing_cert.pem
  keyfile = /etc/keystone/ssl/private/signing_key.pem
  ca_certs = /etc/keystone/ssl/certs/ca.pem
  cert_required = False

  Also, if your keystone process is not running as root, make sure the
  file perms for the pem files are set properly.

  
  Guang

  -----------

  [ssl]
  enable = True
  #enable = False
  certfile = /etc/keystone/ssl/certs/keystone.pem
  keyfile = /etc/keystone/ssl/private/keystonekey.pem
  ca_certs = /etc/keystone/ssl/certs/ca.pem
  cert_required = False

  Mark

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1155361/+subscriptions