yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #15859
[Bug 1275823] Re: RFE: default keystone.conf file should point to correct paths for cert files
** Changed in: keystone
Status: Fix Committed => Fix Released
** Changed in: keystone
Milestone: None => juno-1
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1275823
Title:
RFE: default keystone.conf file should point to correct paths for cert
files
Status in OpenStack Identity (Keystone):
Fix Released
Bug description:
To enable ssl in keystone, you have to uncomment the following lines in kestone.conf:
#enable = True
#certfile = /etc/keystone/pki/certs/ssl_cert.pem
#keyfile = /etc/keystone/pki/private/ssl_key.pem
#ca_certs = /etc/keystone/pki/certs/cacert.pem
#ca_key = /etc/keystone/pki/private/cakey.pem
The above file paths are invalid in the default keystone setup. The correct paths are:
certfile = /etc/keystone/ssl/certs/ca.pem
keyfile = /etc/keystone/ssl/certs/cakey.pem
ca_certs = /etc/keystone/ssl/certs/signing_cert.pem
ca_key = /etc/keystone/ssl/private/signing_key.pem
The default keystone.conf file should already have the correct paths
in it, even if they are commented out.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1275823/+subscriptions
References