Allow deploying keystone with SSL certificates Allow providing certificates through environment variables to be used for keystone, and provide the basis for doing this for other services. It cannot be used in conjunction with tls-proxy as the service provides it's own encrypted endpoint. Impletmenting: blueprint devstack-https Change-Id: I8cf4c9c8c8a6911ae56ebcd14600a9d24cca99a0

commit: bd24a8d0f884d27f47834c917c047b54271c1179 [log] [tgz]
author: Jamie Lennox <jamielennox@redhat.com> Fri Sep 20 16:26:42 2013 +1000
committer: Gerrit Code Review <review@openstack.org> Mon Nov 25 22:27:51 2013 +0000
tree: a2fc27d5b90c224c65283dc6bb87cb563d8c4eca
parent: 99da4af55ef0c451983bcc5d7f97e1e22da168ea [diff] [blame]
diff --git a/lib/heat b/lib/heat
index 7a9ef0d..e44a618 100644
--- a/lib/heat
+++ b/lib/heat

@@ -96,6 +96,7 @@
     iniset $HEAT_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
     iniset $HEAT_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
     iniset $HEAT_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
+    iniset $HEAT_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
     iniset $HEAT_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
     iniset $HEAT_CONF keystone_authtoken admin_user heat
     iniset $HEAT_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
commit	bd24a8d0f884d27f47834c917c047b54271c1179	[log] [tgz]
author	Jamie Lennox <jamielennox@redhat.com>	Fri Sep 20 16:26:42 2013 +1000
committer	Gerrit Code Review <review@openstack.org>	Mon Nov 25 22:27:51 2013 +0000
tree	a2fc27d5b90c224c65283dc6bb87cb563d8c4eca
parent	99da4af55ef0c451983bcc5d7f97e1e22da168ea [diff] [blame]