Ask Your Question

Keystone works with empty signing key?

asked 2015-01-13 07:38:01 -0500

deeghuge gravatar image

While trying out few things i found that keystone even works with empty signing keys? I used admin_token to create the user, tenant and role. The keystone certificate files was empty. No data in key, cert and cacert files. Still i was able to get the token and i was able to list users using the user i created. Is this expected behavior or this is a bug ?

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2015-01-13 11:22:55 -0500

Which version of keystone? Current version ( for the past 6 months) of keystone uses UUID as default token format which doesn't need certificates

edit flag offensive delete link more


Yes, UUID is default in the keystone I am using.

deeghuge gravatar imagedeeghuge ( 2015-01-25 12:18:35 -0500 )edit

answered 2015-01-13 07:59:39 -0500


my suspicion is initially when you exported admin_token it will act as an environmental variable, and it stays there till you restart your system or you manually unset those variables.

you have to source credentials in

edit flag offensive delete link more


The default token format is UUID that why it was working.

deeghuge gravatar imagedeeghuge ( 2015-01-25 12:20:13 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2015-01-13 07:38:01 -0500

Seen: 55 times

Last updated: Jan 13 '15