I see lots of questions on this, but no solid answers I can find.
I would like to use https, not http, for the keystone/identity endpoints (at least the public one). How is this done, anyone know? For Mitaka, Newton, or whatever release coming up. I can set up a devstack to test it with, but I find this question a bit hard to answer anywhere....any help out there? Thanks!
The security guide has an answer.
There is also a book that seems to treat this subject (free trial available).
And blogs, like this one (slightly old though).
For devstack specifically, perhaps this helps.
YEah, I have found all of those already. It's not as simple as just enabling it apparently. I have been trying for some time today to get a devstack going with SSL=True to no avail (unrelated failures I guess, devstack is always tricky for me for some reason) Thanks for the reply. I
Ran out of space....I'll continue to try with devstack, using neutron enabled option as well.
I don't really use devstack to install OpenStack but keystone is implemented on top of Apache so If you want keystone to use https. it should be just the standard way of making apache use https and then updating your endpoint to use https
Asked: 2017-02-24 15:18:48 -0500
Seen: 1,517 times
Last updated: Feb 26 '17
