SSL in Openstack

asked 2015-02-03 09:14:49 -0600

Ionut Hulub gravatar image

I've managed to set up SSL on the dashboard, keystone, glance, neutron, mysql.

Here are my questions:

1) Is there a way to enable SSL in nova (and how)?

I've added ssl_cert_file and ssl_key_file to nova.conf but it doesn't seem to have any effect.

2) Is there a way to tell nova to connect to glance securely (and how)?

The only option to make nova connect to a secure glance endpoint seems to be to add the insecure = True flag. Is there any option to specify a truststore like registry_client_ca_file in glance.conf?

3) How can you specify which truststore to use when connecting to qpid (and how)?

Rabbit has an option called kombu_ssl_ca_certs. Can the same option be used for qpid?

edit retag flag offensive close merge delete

3 answers

Sort by ยป oldest newest most voted

answered 2015-02-03 23:43:03 -0600

Vinoth gravatar image

Have a look at this. This May help,

edit flag offensive delete link more


No, it doesn't help. Did you read the question?

Ionut Hulub gravatar imageIonut Hulub ( 2015-02-04 03:24:35 -0600 )edit

answered 2015-02-04 06:27:11 -0600

schegi gravatar image

Just enabling SSL for Nova, like for keystone etc. is not possible as far as i know. But i found this (not tried yet) to at least enable SSL for the openstack Rest API calls. Maybe this helps.

edit flag offensive delete link more


I was wondering if Nova has support for SSL integrated. I don't want to use apache as an SSL proxy. Thanks.

Ionut Hulub gravatar imageIonut Hulub ( 2015-02-04 08:40:01 -0600 )edit

answered 2015-02-05 11:58:11 -0600

smaffulli gravatar image

There is documentation to Configure SSL support for networking API and Configure the Identity Service with SSL and the good old Security Guide that may help you shed some more light.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2015-02-03 09:13:57 -0600

Seen: 336 times

Last updated: Feb 05 '15