1. devstack
  2. Commit 5119f6b8b75307e4f1fa764c0c56d3953a18e2ed
Browse code

Setup PKI for Keystone

Required for http://wiki.openstack.org/PKI
specifically Delegation and Scaling section

when complete, you should see certificates and keys in
/etc/keystone/ssl

The important files are:

/etc/keystone/ssl/private/signing_key.pem
/etc/keystone/ssl/certs/ca.pem
/etc/keystone/ssl/certs/signing_cert.pem

Change-Id: Iece395413af767042235d6e1cc0421879a810044

Adam Young authored on 2012/06/28 10:23:38
Showing 1 changed files
stack.sh
History View file @ 5119f6b
... ... 
@@ -1928,6 +1928,8 @@ if is_service_enabled key; then
1928 1928
1929 1929 
     # Set up the keystone database
1930 1930 
     $KEYSTONE_DIR/bin/keystone-manage db_sync
1931 
+    # set up certificates
1932 
+    $KEYSTONE_DIR/bin/keystone-manage pki_setup
1931 1933
1932 1934 
     # launch keystone and wait for it to answer before continuing
1933 1935 
     screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone-all --config-file $KEYSTONE_CONF $KEYSTONE_LOG_CONFIG -d --debug"