Comment 0 for bug 1573766

oslo middleware provides a paste filter that sets the correct proxy scheme and host. This is needed for the TLS proxy case.

Without this then enabling the TLS proxy in devstack will fail configuring tempest because 'nova flavor-list' returns a http scheme in Location in a redirect it returns.

I've proposed a temporary workaround in devstack using:

+ iniset $NOVA_API_PASTE_INI filter:ssl_header_handler past
e.filter_factory oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory
+ iniset $NOVA_API_PASTE_INI composite:openstack_compute_ap
i_v21 keystone "ssl_header_handler cors compute_req_id faultwrap sizelimit autht
oken keystonecontext osapi_compute_app_v21"

But this isn't a long-term solution because two copies of the default paste filters will need to be maintained.

See https://review.openstack.org/#/c/301172