← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1275823] Re: RFE: default keystone.conf file should point to correct paths for cert files

 

** Changed in: keystone
       Status: Fix Committed => Fix Released

** Changed in: keystone
    Milestone: None => juno-1

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1275823

Title:
  RFE: default keystone.conf file should point to correct paths for cert
  files

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  To enable ssl in keystone, you have to uncomment the following lines in kestone.conf:
  #enable = True
  #certfile = /etc/keystone/pki/certs/ssl_cert.pem
  #keyfile = /etc/keystone/pki/private/ssl_key.pem
  #ca_certs = /etc/keystone/pki/certs/cacert.pem
  #ca_key = /etc/keystone/pki/private/cakey.pem

  The above file paths are invalid in the default keystone setup. The correct paths are:
  certfile = /etc/keystone/ssl/certs/ca.pem
  keyfile = /etc/keystone/ssl/certs/cakey.pem
  ca_certs = /etc/keystone/ssl/certs/signing_cert.pem
  ca_key = /etc/keystone/ssl/private/signing_key.pem

  The default keystone.conf file should already have the correct paths
  in it, even if they are commented out.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1275823/+subscriptions


References