[Openstack] Resolved: Grizzly-3 Keystone SSL Connection Refused

Dolph Mathews dolph.mathews at gmail.com
Thu Mar 14 22:48:26 UTC 2013


Glad you got it resolved, but can you file a bug on pki_setup not
generating SSL certs? I don't believe I've seen that issue.
https://bugs.launchpad.net/keystone

Thanks!


-Dolph


On Thu, Mar 14, 2013 at 4:58 PM, Miller, Mark M (EB SW Cloud - R&D -
Corvallis) <mark.m.miller at hp.com> wrote:

>  Looks like there’s a bug in pki_setup. It didn’t generate the SSL certs,
> only the signing certs. Workaround is to make ssl using the signing certs
> for now.****
>
> ** **
>
> [ssl]****
>
> enable = True****
>
> certfile = /etc/keystone/ssl/certs/signing_cert.pem****
>
> keyfile = /etc/keystone/ssl/private/signing_key.pem****
>
> ca_certs = /etc/keystone/ssl/certs/ca.pem****
>
> cert_required = False****
>
> ** **
>
> Also, if your keystone process is not running as root, make sure the file
> permissions for the pem files are set properly.****
>
> ** **
>
> Guang****
>
> ** **
>
> ** **
>
> *From:* openstack-bounces+mark.m.miller=hp.com at lists.launchpad.net[mailto:
> openstack-bounces+mark.m.miller=hp.com at lists.launchpad.net] *On Behalf Of
> *Miller, Mark M (EB SW Cloud - R&D - Corvallis)
> *Sent:* Thursday, March 14, 2013 2:31 PM
> *To:* openstack at lists.launchpad.net (openstack at lists.launchpad.net)
> *Subject:* [Openstack] Grizzly-3 Keystone SSL Connection Refused****
>
> ** **
>
> Hello,****
>
> ** **
>
> I was able to setup a Grizzly-2 Keystone server with PKI and SSL enabled
> on an Ubuntu 12.04 server. I updated to Grizzly-3 and am able to enable PKI
> but not SSL. I get “Connection refused”. Has anyone else run into this
> problem? Does anyone else have SSL working with Grizzly-3 Keystone?****
>
> ** **
>
> Regards,****
>
> ** **
>
> Mark****
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130314/ef59cfdf/attachment.html>


More information about the Openstack mailing list