[openstack-dev] [neutron][lbaas] Is SSL offload config possible using non "admin" tenant?
Vijay Venkatachalam
Vijay.Venkatachalam at citrix.com
Fri Sep 11 19:35:43 UTC 2015
Hi,
Has anyone tried configuring SSL Offload as a tenant?
During listener creation there is an error thrown saying 'could not locate/find container'.
The lbaas plugin is not able to fetch the tenant's certificate.
From the code it looks like the lbaas plugin is tyring to connect to barbican with keystone details provided in neutron.conf
Which is by default username = "admin" and tenant_name ="admin".
This means lbaas plugin is looking for tenant's ceritifcate in "admin" tenant, which it will never be able to find.
What is the procedure for the lbaas plugin to get hold of the tenant's certificate?
Assuming "admin" user has access to all tenant's certificates. Should the lbaas plugin connect to barbican with username='admin' and tenant_name = listener's tenant_name?
Is this, the way forward ? *OR* Am I missing something?
Thanks,
Vijay V.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150911/75fe0c5b/attachment.html>
More information about the OpenStack-dev
mailing list