Ask Your Question

How to enable https for keystone endpoints?

asked 2017-02-24 15:18:48 -0500

dalexander gravatar image

I see lots of questions on this, but no solid answers I can find.

I would like to use https, not http, for the keystone/identity endpoints (at least the public one). How is this done, anyone know? For Mitaka, Newton, or whatever release coming up. I can set up a devstack to test it with, but I find this question a bit hard to answer anywhere....any help out there? Thanks!

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2017-02-24 16:40:00 -0500

The security guide has an answer.

There is also a book that seems to treat this subject (free trial available).

And blogs, like this one (slightly old though).

For devstack specifically, perhaps this helps.

edit flag offensive delete link more


YEah, I have found all of those already. It's not as simple as just enabling it apparently. I have been trying for some time today to get a devstack going with SSL=True to no avail (unrelated failures I guess, devstack is always tricky for me for some reason) Thanks for the reply. I

dalexander gravatar imagedalexander ( 2017-02-24 17:03:13 -0500 )edit

Ran out of space....I'll continue to try with devstack, using neutron enabled option as well.

dalexander gravatar imagedalexander ( 2017-02-24 17:03:42 -0500 )edit

answered 2017-02-26 14:41:39 -0500

raddaoui gravatar image

I don't really use devstack to install OpenStack but keystone is implemented on top of Apache so If you want keystone to use https. it should be just the standard way of making apache use https and then updating your endpoint to use https

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2017-02-24 15:18:48 -0500

Seen: 1,817 times

Last updated: Feb 26 '17