Generate HTTPS certificates with ssl_setup.

Extracts common OpenSSL functionality from pki_setup and adds a new cli command ssl_setup which re-uses this base to generate SSL certificates for https. Change-Id: Ia34827583bcdfbd871133250681010e642271f07 Fixes: bug 1155361
author: Jamie Lennox <jlennox@redhat.com> 2013-04-04 17:44:01 +1000
committer: Jamie Lennox <jlennox@redhat.com> 2013-04-11 14:41:15 +1000
commit: 28ef9cdcc6073c2f6600d30b401dcbce81afd4df (patch)
tree: 954fa9f9dce47b8b320ceb3fca3f6c8a83855c9d /etc
parent: cbac77110ee1d7b9abc5a23f973dab27e8b32015 (diff)
download: keystone-28ef9cdcc6073c2f6600d30b401dcbce81afd4df.tar.gz
keystone-28ef9cdcc6073c2f6600d30b401dcbce81afd4df.tar.xz
keystone-28ef9cdcc6073c2f6600d30b401dcbce81afd4df.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample
index ee2a562e..5ebddea4 100644
--- a/etc/keystone.conf.sample
+++ b/etc/keystone.conf.sample
@@ -123,7 +123,11 @@
 #certfile = /etc/keystone/ssl/certs/keystone.pem
 #keyfile = /etc/keystone/ssl/private/keystonekey.pem
 #ca_certs = /etc/keystone/ssl/certs/ca.pem
-#cert_required = True
+#key_size = 1024
+#valid_days = 3650
+#ca_password = None
+#cert_required = False
+#cert_subject = /C=US/ST=Unset/L=Unset/O=Unset/CN=localhost
 
 [signing]
 #token_format = PKI
@@ -133,6 +137,7 @@
 #key_size = 1024
 #valid_days = 3650
 #ca_password = None
+#cert_subject = /C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com
 
 [ldap]
 # url = ldap://localhost
author	Jamie Lennox <jlennox@redhat.com>	2013-04-04 17:44:01 +1000
committer	Jamie Lennox <jlennox@redhat.com>	2013-04-11 14:41:15 +1000
commit	28ef9cdcc6073c2f6600d30b401dcbce81afd4df (patch)
tree	954fa9f9dce47b8b320ceb3fca3f6c8a83855c9d /etc
parent	cbac77110ee1d7b9abc5a23f973dab27e8b32015 (diff)
download	keystone-28ef9cdcc6073c2f6600d30b401dcbce81afd4df.tar.gz keystone-28ef9cdcc6073c2f6600d30b401dcbce81afd4df.tar.xz keystone-28ef9cdcc6073c2f6600d30b401dcbce81afd4df.zip