[openstack-dev] [Fuel] Enable SSL between client and API exposed via public URL with HAProxy

Guillaume Thouvenin thouveng at gmail.com
Thu Aug 21 14:24:17 UTC 2014

On Thu, Aug 21, 2014 at 5:02 PM, Mike Scherbakov <mscherbakov at mirantis.com>

> Guillaume, do I understand right that without implementation of
> https://blueprints.launchpad.net/fuel/+spec/ca-deployment, SSL support
> will not be fully automated? And, consequently, we can not call it as
> complete production ready feature for Fuel users?
Yes you are right.  Without the implementation of the CA deployment  we can
not consider it as ready to use.
To test my deployment I manually copy a self-signed certificate on all
controllers on a predefined location according to what I have in the puppet
manifest. So it's really just for testing. I also write a small puppet
manifest to generate a self signed certificate to deploy it automatically
but it works only for one controller so this solution is also only for

So to have the feature ready for production we need to manage certificate
maybe as a new option into the fuel dashboard.

Best Regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140821/2ac195fe/attachment.html>

More information about the OpenStack-dev mailing list