On 2/10/15 3:40 PM, Gui Maluf wrote:
Something wrong with my certificates and Keystone, cause changing to
self-signed certificates everything is working.
There is an undocumented (in the usual places) for keystone middleware
to point at the CA file for your certificates.
http://docs.openstack.org/developer/keystonemiddleware/middlewarearchitecture.html#configuration-options
Of note,
cafile: (optional, defaults to use system CA bundle) the path to a PEM
encoded CA file/bundle that will be used to verify HTTPS connections.
These go in each of your API services' [keystone_authtoken] section,
which configures keystone middleware.
I've filed a bug already that this documentation doesn't exist in the
config references for each service.
--
-jlk
_______________________________________________
OpenStack-operators mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
