Octavia ussuri could not decrypt the certs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla-ansible |
Expired
|
Undecided
|
Unassigned |
Bug Description
---
# You can use this file to override _any_ variable throughout Kolla.
# Additional options can be found in the
# 'kolla-
# commented parameters are shown here, To override the default value uncomment
# the parameter and change its value.
kolla_base_distro: "centos"
kolla_install_type: "source"
openstack_release: "ussuri"
kolla_internal_
network_interface: "enp2s0f0"
neutron_
enable_
neutron_
enable_barbican: "yes"
enable_designate: "yes"
dns_interface: "enp2s0f0"
designate_
designate_backend: "bind9"
enable_manila: "yes"
enable_redis: "yes"
enable_magnum: "yes"
enable_octavia: "yes"
enable_heat: "yes"
magnum_tag: "master"
heat_tag: "master"
glance_
barbican_
barbican_
horizon_port: 80
#octavia_
-------
Both changes are merged with k-a: https:/
-------
Certs were created via off guide - https:/
ls -all /etc/kolla/
total 24
drwxr-xr-x 2 root root 4096 Jun 1 22:23 .
drwxr-xr-x 8 root root 4096 Jun 1 22:22 ..
-rw-r--r-- 1 root root 2017 Jun 1 22:23 client_ca.cert.pem
-rwx------ 1 root root 3460 Jun 1 22:23 client.
-rw-r--r-- 1 root root 2017 Jun 1 22:23 server_ca.cert.pem
-r-------- 1 root root 3326 Jun 1 22:23 server_ca.key.pem
Error message - http://
openssl rsa -in /etc/octavia/
Once Ive added manually -
[certificates] generator certs/server_ ca.cert. pem certs/server_ ca.key. pem key_passphrase = my passphrase (not decoded)
cert_generator = local_cert_
ca_certificate = /etc/octavia/
ca_private_key = /etc/octavia/
ca_private_
[controller_worker] certs/client_ ca.cert. pem
client_ca = /etc/octavia/
[haproxy_amphora] certs/client. cert-and- key.pem certs/server_ ca.cert. pem
client_cert = /etc/octavia/
server_ca = /etc/octavia/
Issue was resolved. However, now I am getting new error related to nova paste.openstack .org/show/ 794260/
http://