Comment 13 for bug 1206254

Dolph Mathews (dolph) wrote :

Happy to see this opened.

I believe that pki_setup and ssl_setup were originally implemented primarily for developers/devstack to consume, which perhaps explains why some of these issues exist. The assumption is that a "real" deployment will instead be issued certs by an existing external authority, and be provided with that configuration through an outside deployment process.

That said, it is certainly realistic for smaller deployments to rely on these tools but I don't see any reason not to make these improvements publicly.