commit 18d4778cf7bffa60eb2e996a13c129c64f83575f
Author: Rob Crittenden <email address hidden>
Date: Wed Mar 19 17:47:42 2014 -0400
Configure endpoints to use SSL natively or via proxy
Configure nova, cinder, glance, swift and neutron to use SSL
on the endpoints using either SSL natively or via a TLS proxy
using stud.
To enable SSL via proxy, in local.conf add
ENABLED_SERVICES+=,tls-proxy
This will create a new test root CA, a subordinate CA and an SSL
server cert. It uses the value of hostname -f for the certificate
subject. The CA certicates are also added to the system CA bundle.
To enable SSL natively, in local.conf add:
USE_SSL=True
Native SSL by default will also use the devstack-generate root and
subordinate CA.
You can override this on a per-service basis by setting
Reviewed: https:/ /review. openstack. org/98854 /git.openstack. org/cgit/ openstack- dev/devstack/ commit/ ?id=18d4778cf7b ffa60eb2e996a13 c129c64f83575f
Committed: https:/
Submitter: Jenkins
Branch: master
commit 18d4778cf7bffa6 0eb2e996a13c129 c64f83575f
Author: Rob Crittenden <email address hidden>
Date: Wed Mar 19 17:47:42 2014 -0400
Configure endpoints to use SSL natively or via proxy
Configure nova, cinder, glance, swift and neutron to use SSL
on the endpoints using either SSL natively or via a TLS proxy
using stud.
To enable SSL via proxy, in local.conf add
ENABLED_ SERVICES+ =,tls-proxy
This will create a new test root CA, a subordinate CA and an SSL
server cert. It uses the value of hostname -f for the certificate
subject. The CA certicates are also added to the system CA bundle.
To enable SSL natively, in local.conf add:
USE_SSL=True
Native SSL by default will also use the devstack-generate root and
subordinate CA.
You can override this on a per-service basis by setting
<SERVICE> _SSL_CERT= /path/to/ cert _SSL_KEY= /path/to/ key _SSL_PATH= /path/to/ ca
<SERVICE>
<SERVICE>
You should also set SERVICE_HOST to the FQDN of the host. This
value defaults to the host IP address.
Change-Id: I36fe56c063ca92 1131ad98439bd45 2cb135916ac
Closes-Bug: 1328226