yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1275823] Re: RFE: default keystone.conf file should point to correct paths for cert files

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Wed, 11 Jun 2014 15:01:24 -0000
Reply-to: Bug 1275823 <1275823@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: keystone
       Status: Fix Committed => Fix Released

** Changed in: keystone
    Milestone: None => juno-1

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1275823

Title:
  RFE: default keystone.conf file should point to correct paths for cert
  files

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  To enable ssl in keystone, you have to uncomment the following lines in kestone.conf:
  #enable = True
  #certfile = /etc/keystone/pki/certs/ssl_cert.pem
  #keyfile = /etc/keystone/pki/private/ssl_key.pem
  #ca_certs = /etc/keystone/pki/certs/cacert.pem
  #ca_key = /etc/keystone/pki/private/cakey.pem

  The above file paths are invalid in the default keystone setup. The correct paths are:
  certfile = /etc/keystone/ssl/certs/ca.pem
  keyfile = /etc/keystone/ssl/certs/cakey.pem
  ca_certs = /etc/keystone/ssl/certs/signing_cert.pem
  ca_key = /etc/keystone/ssl/private/signing_key.pem

  The default keystone.conf file should already have the correct paths
  in it, even if they are commented out.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1275823/+subscriptions

References

[Bug 1275823] [NEW] RFE: default keystone.conf file should point to correct paths for cert files
From: Udi Kalifon, 2014-02-03