Comment 2 for bug 1730631

The impact is metadata ssl encryption feature "vRouter support for SSL meta-data service when proxying" won't work without the server side config in nova.conf

Expectation is when:-

    "contrail_4": {
         "metadata_ssl_enable": true,

is set to true, nova side config should be updated with below parameters

enabled_ssl_apis= metadata
nova_metadata_protocol= https
nova_metadata_insecure= False
ssl_cert_file= /etc/nova/ssl/certs/nova.pem
ssl_key_file= /etc/nova/ssl/private/novakey.pem
ssl_ca_file= /etc/nova/ssl/certs/ca.pem

All the changes to support this till date has gone into puppet side to configure openstack and here are few bugs that were filled related to that:-
https://bugs.launchpad.net/juniperopenstack/+bug/1711049
https://bugs.launchpad.net/juniperopenstack/+bug/1721834
https://bugs.launchpad.net/juniperopenstack/+bug/1724468

Similarly this needs to be taken care for Ocata where nova is being provisioned using kolla.