Ask Your Question
0

Keystone works with empty signing key?

asked 2015-01-13 07:38:01 -0500

deeghuge gravatar image

While trying out few things i found that keystone even works with empty signing keys? I used admin_token to create the user, tenant and role. The keystone certificate files was empty. No data in key, cert and cacert files. Still i was able to get the token and i was able to list users using the user i created. Is this expected behavior or this is a bug ?

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
1

answered 2015-01-13 11:22:55 -0500

Which version of keystone? Current version ( for the past 6 months) of keystone uses UUID as default token format which doesn't need certificates

edit flag offensive delete link more

Comments

Yes, UUID is default in the keystone I am using.

deeghuge gravatar imagedeeghuge ( 2015-01-25 12:18:35 -0500 )edit
1

answered 2015-01-13 07:59:39 -0500

hello,

my suspicion is initially when you exported admin_token it will act as an environmental variable, and it stays there till you restart your system or you manually unset those variables.

you have to source credentials in admin-openrc.sh

edit flag offensive delete link more

Comments

The default token format is UUID that why it was working.

deeghuge gravatar imagedeeghuge ( 2015-01-25 12:20:13 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-01-13 07:38:01 -0500

Seen: 35 times

Last updated: Jan 13 '15