From 25a16117281c4ecc2ddae6b52d2d1ac6cd83a076 Mon Sep 17 00:00:00 2001 From: Miguel Cantu Date: Wed, 30 Sep 2015 17:01:32 +0000 Subject: [PATCH] Adds insecure vars to configure-sslcertificate This patch set add the insecure vars to the ssl docs. Change-Id: I1bcfccc18b475272bd762c487cbeda8a6205e955 Closes-Bug: #1501414 --- doc/source/install-guide/configure-sslcertificates.rst | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/doc/source/install-guide/configure-sslcertificates.rst b/doc/source/install-guide/configure-sslcertificates.rst index 8ebd7deff5..78fce82b3f 100644 --- a/doc/source/install-guide/configure-sslcertificates.rst +++ b/doc/source/install-guide/configure-sslcertificates.rst @@ -32,7 +32,15 @@ Self-signed certificates Self-signed certificates make it easy to get started quickly and they ensure data is encrypted in transit, but they don't provide a high level of trust for highly secure environments. The use of self-signed certificates is -currently the default in openstack-ansible. +currently the default in openstack-ansible. When self-signed certificates are +being used, certificate verification must be disabled using the following +user variables depending on your configuration. These variables can be added +in ``/etc/openstack_deploy/user_variables.yml``. + +.. code-block:: yaml + + keystone_service_adminuri_insecure: true + keystone_service_internaluri_insecure: true Setting self-signed certificate subject data ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^