18d4778cf7
Configure nova, cinder, glance, swift and neutron to use SSL on the endpoints using either SSL natively or via a TLS proxy using stud. To enable SSL via proxy, in local.conf add ENABLED_SERVICES+=,tls-proxy This will create a new test root CA, a subordinate CA and an SSL server cert. It uses the value of hostname -f for the certificate subject. The CA certicates are also added to the system CA bundle. To enable SSL natively, in local.conf add: USE_SSL=True Native SSL by default will also use the devstack-generate root and subordinate CA. You can override this on a per-service basis by setting <SERVICE>_SSL_CERT=/path/to/cert <SERVICE>_SSL_KEY=/path/to/key <SERVICE>_SSL_PATH=/path/to/ca You should also set SERVICE_HOST to the FQDN of the host. This value defaults to the host IP address. Change-Id: I36fe56c063ca921131ad98439bd452cb135916ac Closes-Bug: 1328226 |
||
|---|---|---|
| .. | ||
| apts | ||
| ldap | ||
| patches | ||
| rpms | ||
| rpms-suse | ||
| swift | ||
| apache-dib-pip-repo.template | ||
| apache-horizon.template | ||
| apache-ironic.template | ||
| apache-keystone.template | ||
| default_catalog.templates | ||
| dnsmasq-for-baremetal-from-nova-network.conf | ||