[kolla][ssl] Deploy third-party SSL for HAProxy
Satish Patel
satish.txt at gmail.com
Wed Sep 28 21:00:11 UTC 2022
Folks,
I have GoDaddy SSL cert and trying to deploy with kolla but little big
confused with this doc
https://docs.openstack.org/kolla-ansible/latest/admin/tls.html
I have a single interface for internal/external vip and try following
config to deploy SSL/TLS for haproxy and other services.
---
openstack_release: "wallaby"
kolla_internal_vip_address: "10.73.0.180"
kolla_external_vip_address: "{{ kolla_internal_vip_address }}"
network_interface: "eth0"
neutron_external_interface: "eth1"
# TLS
kolla_enable_tls_internal: "yes"
kolla_certificates_dir: "/etc/kolla/certificates"
kolla_internal_fqdn_cert: "{{ kolla_certificates_dir }}/my_company_cert.pem"
When i run "kolla-ansible -i multinode certificates" command it deploy
something but then i found it generated certificate itself (self-sign) in
/etc/kolla/cacertificates directory and override my third-party cert
When I tried in the browser https://foobar.com it didn't connect to 443
port that means it did not enable SSL. Am I missing something here?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20220928/bbb9193d/attachment.htm>
More information about the openstack-discuss
mailing list