Ask Your Question

Revision history [back]

This is an issue of fernet-keys not being synced. All nodes hosting keystone shall have the same keys.

[root@controller3 ~]# ll /etc/keystone/fernet-keys/ total 12 -rw------- 1 keystone keystone 44 Apr 10 07:44 0 -rw------- 1 keystone keystone 44 Apr 9 06:50 1 -rw------- 1 keystone keystone 44 Apr 9 06:50 20 2

Copy the keys 0,1 and 2 (you may have 0 and 1 only - additional keys are added when keys are rotated with keystone-manage command) across other nodes hosting keystone.

Also set in /etc/keystone/keystone.conf

[fernet_tokens] key_repository = /etc/keystone/fernet-keys/