1. devstack
  2. Commit 3c251b802302d7af8990ce2c9f9eec908bc90043
Browse code

Merge "Move certificate setup earlier in deployment"

Jenkins authored on 2016/11/18 05:48:09
Showing 3 changed files
lib/tls
History View file @ 3c251b8
... ... 
@@ -201,7 +201,6 @@ subjectAltName          = \$ENV::SUBJECT_ALT_NAME
201 201 
 # Create root and intermediate CAs
202 202 
 # init_CA
203 203 
 function init_CA {
204 
-    fix_system_ca_bundle_path
205 204 
     # Ensure CAs are built
206 205 
     make_root_CA $ROOT_CA_DIR
207 206 
     make_int_CA $INT_CA_DIR $ROOT_CA_DIR
stack.sh
History View file @ 3c251b8
... ... 
@@ -809,6 +809,13 @@ if is_service_enabled cinder nova; then
809 809 
     install_os_brick
810 810 
 fi
811 811
812 
+# Setup TLS certs
813 
+if is_service_enabled tls-proxy || [ "$USE_SSL" == "True" ]; then
814 
+    configure_CA
815 
+    init_CA
816 
+    init_cert
817 
+fi
818 
+
812 819 
 # Install middleware
813 820 
 install_keystonemiddleware
814 821
... ... 
@@ -881,14 +888,9 @@ if is_service_enabled heat; then
881 881 
 fi
882 882
883 883 
 if is_service_enabled tls-proxy || [ "$USE_SSL" == "True" ]; then
884 
-    configure_CA
885 
-    init_CA
886 
-    init_cert
887 
-    # Add name to ``/etc/hosts``.
888 
-    # Don't be naive and add to existing line!
884 
+    fix_system_ca_bundle_path
889 885 
 fi
890 886
891 
-
892 887 
 # Extras Install
893 888 
 # --------------
894 889
tools/make_cert.sh
History View file @ 3c251b8
... ... 
@@ -45,6 +45,7 @@ DEVSTACK_CERT=$DATA_DIR/$DEVSTACK_CERT_NAME.pem
45 45
46 46 
 # Make sure the CA is set up
47 47 
 configure_CA
48 
+fix_system_ca_bundle_path
48 49 
 init_CA
49 50
50 51 
 # Create the server cert