Hi folks, I'm currently writing a specification to enable SSL for OSt public endpoint [1]. I'm using HAProxy to manage SSL and I have a question when we are in HA mode (I mean with more than one HAProxy). My first thought was to generate a self-signed certificate with puppet and put this certificate on the controller where it can be used by HAProxy. The problem is if we have several HAProxy. In my scenario there will be several different certificates. So another idea is to generate the self-signed certificate from the fuel master (using the CN of the VIP) and then distribute it to controller nodes through a mechanism like mcollective. Does it make sense to you? Who can help me to find where this can be done into fuel?
Thanks a lot for your help, Best Regards, Guillaume [1] https://review.openstack.org/#/c/102273/
-- Mailing list: https://launchpad.net/~fuel-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~fuel-dev More help : https://help.launchpad.net/ListHelp
