How can I change the self signed certificate that services use?

asked 2015-10-17 06:19:29 -0600

5-jason-h gravatar image

Hello,

I have a kilo install that is using a self signed cert for keystone and horizon. They all seem to be using the same cert. If I update the keystone.conf file, nothing changes. It still uses the default cert. I cannot figure out where its located or what I can edit to use my signed cert.

edit retag flag offensive close merge delete

Comments

Did you check the ssl certificates configured in apache and does keystone is hosted behind apache ?

jayaprakash gravatar imagejayaprakash ( 2015-10-19 02:09:35 -0600 )edit

/etc/apache2/ssl is empty. Thats why I can't figure out how the ssl session is even working.

5-jason-h gravatar image5-jason-h ( 2015-10-19 02:33:35 -0600 )edit

I found the cert in the haproxy config. It doesnt verify by command line when running nova commands but the horizon web works with the new cert.

5-jason-h gravatar image5-jason-h ( 2015-10-21 19:57:46 -0600 )edit