The ask.openstack.org website will be read-only from now on. Please ask questions on the openstack-discuss mailing-list, stackoverflow.com for coding or serverfault.com for operations.
 | 1 | initial version |
Update /etc/cinder/cinder.conf
[keystone_authtoken]
cert = /etc/apache2/ssl/client.pem
key = /etc/apache2/ssl/apache-key.pem
insecure = true
Update /etc/nova/nova.conf
[cinder]
certfile = /etc/apache2/ssl/client.pem
keyfile = /etc/apache2/ssl/apache-key.pem
insecure = true
Update /etc/apache2/conf-enabled/cinder-wsgi.conf
In /etc/apache2/conf-enabled/ location cinder-wsgi.conf will be available, this file is used to configure Self-Signed Certificate for Cinder API service endpoints
Add the key file and certificate in <virtualhost *:8776="">
After this, make the changes in endpoint urls from http to https in Database or recreate the endpoints with https url .Then, populate the keystone database by using this command su -s /bin/sh -c "keystone-manage db_sync" keystone and restart cinder services.
Check this configuration by issuing this command openstack volume service list --insecure
| | 2 | No.2 Revision |
Update /etc/cinder/cinder.conf
[keystone_authtoken]
cert = /etc/apache2/ssl/client.pem
key = /etc/apache2/ssl/apache-key.pem
insecure = true
Update /etc/nova/nova.conf
[cinder]
certfile = /etc/apache2/ssl/client.pem
keyfile = /etc/apache2/ssl/apache-key.pem
insecure = true
Update /etc/apache2/conf-enabled/cinder-wsgi.conf
In /etc/apache2/conf-enabled/ location cinder-wsgi.conf will be available, this file is used to configure Self-Signed Certificate for Cinder API service endpoints
Add the key file and certificate in <virtualhost *:8776="">
After this, make the changes in endpoint urls from http to https in Database or recreate the endpoints with https url .Then, populate the keystone database by using this command su -s /bin/sh -c "keystone-manage db_sync" keystone and restart cinder services.
Check this configuration by issuing this command openstack volume service list --insecure --insecure
