Create PEM files to SSL connection on Keystone

asked 2013-08-29 08:57:05 -0500

marcos-fermin-lobo gravatar image

I'm trying to configure SSL connection for keystone (havana-2 release) such as indicated on this link http://docs.openstack.org/developer/keystone/configuration.html#signing-certificate-issued-by-external-ca (http://docs.openstack.org/developer/k...) .

I have 2 files right now:

newcert.cer
user.cert

Now, how can I obtain the signing_cert.pem, signing_key.pem and cacert.pem files?

Thank you very much.

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2013-08-30 10:54:26 -0500

marcos-fermin-lobo gravatar image

Thanks Haneef Ali, that solved my question.

edit flag offensive delete link more
0

answered 2013-08-29 21:47:23 -0500

haneef gravatar image

What are those file newcert.cer and user.cert? How did you get it?

I'm assuming external CA means public CA such as verisin, godaddy etc

Cacert.pem -- You should get from the external CA who has singed it. e.g if is well known public CA , then you can also download from the browser as the browser has all the CA certs

cert.pem -- When you submit your cert request file, the external CA will give you a singed file, that is cert.pem

singing_key.pem -- You would have first generated the key, that is the signing key

openssl req -newkey rsa:2048 -keyout signing_key.pem -keyform PEM -out signing_cert_req.pem -outform PEM -config cert_req.conf -nodes

if you had executed the above command, then you would have got the signing_key.pem

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2013-08-29 08:57:05 -0500

Seen: 232 times

Last updated: Aug 30 '13