v3 PKI token requests result in 500 error when run in apache
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
Adam Young | ||
python-keystoneclient |
Fix Released
|
High
|
Adam Young |
Bug Description
A 500 Internal Server Error is generated when requests are issued to /v3/auth/tokens
mkdir /var/www/
ln /usr/share/
ln /usr/share/
/etc/httpd/
Listen 5000
<VirtualHost *:5000>
WSGIScriptAlias / /var/www/
<Location />
AuthType None
</Location>
</VirtualHost>
Listen 35357
<VirtualHost *:35357>
WSGIScriptAlias / /var/www/
<Location />
AuthType None
</Location>
</VirtualHost>
Using version:
python-
keystone.conf
[signing]
token_format = PKI
testuser:
keystone user-create --name tester --pass tester --email <email address hidden>
keystone role-create --name tester
keystone tenant-create --name tester
keystone user-role-add --user-id {USER_ID} --role-id {ROLE_ID} --tenant-id {TENANT_ID}
Request:
curl -H "Content-type: application/json" -d '{"auth": {"identity": {"methods": ["password"], "password": {"user": {"domain": {"name": "Default"}, "name": "tester"
Note:
The issues is not present if UUID tokens are used.
tags: | added: low-hanging-fruit |
Changed in keystone: | |
assignee: | nobody → Adam Young (ayoung) |
Changed in python-keystoneclient: | |
status: | New → Confirmed |
assignee: | nobody → Adam Young (ayoung) |
importance: | Undecided → High |
Changed in python-keystoneclient: | |
milestone: | none → 0.6.0 |
Changed in keystone: | |
milestone: | none → icehouse-3 |
Changed in python-keystoneclient: | |
status: | Confirmed → In Progress |
Changed in python-keystoneclient: | |
milestone: | 0.6.0 → 0.7.0 |
Changed in keystone: | |
milestone: | icehouse-3 → icehouse-rc1 |
Changed in keystone: | |
milestone: | icehouse-rc1 → none |
Changed in python-keystoneclient: | |
assignee: | Adam Young (ayoung) → David Stanek (dstanek) |
Changed in python-keystoneclient: | |
milestone: | 0.7.0 → 0.8.0 |
Changed in python-keystoneclient: | |
milestone: | 0.8.0 → 0.9.0 |
Changed in python-keystoneclient: | |
assignee: | David Stanek (dstanek) → Adam Young (ayoung) |
Changed in python-keystoneclient: | |
assignee: | Adam Young (ayoung) → Morgan Fainberg (mdrnstm) |
Changed in python-keystoneclient: | |
assignee: | Morgan Fainberg (mdrnstm) → Adam Young (ayoung) |
Changed in python-keystoneclient: | |
status: | Fix Committed → Fix Released |
summary: |
- v3 token requests result in 500 error when run in apache + v3 PKI token requests result in 500 error when run in apache |
tags: | added: pki |
There's not really any information here to debug a 500 (a backtrace should definitely be logged for all 500s). My best blind guess is that you didn't provide certificates (for example, `$ keystone-manage pki_setup`) or there's something wrong with the openssl installation (version <1.0?).