From 28ef9cdcc6073c2f6600d30b401dcbce81afd4df Mon Sep 17 00:00:00 2001
From: Jamie Lennox <jlennox@redhat.com>
Date: Thu, 4 Apr 2013 17:44:01 +1000
Subject: Generate HTTPS certificates with ssl_setup.

Extracts common OpenSSL functionality from pki_setup and adds a new cli
command ssl_setup which re-uses this base to generate SSL certificates
for https.

Change-Id: Ia34827583bcdfbd871133250681010e642271f07
Fixes: bug 1155361
---
 etc/keystone.conf.sample | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'etc')

diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample
index ee2a562e..5ebddea4 100644
--- a/etc/keystone.conf.sample
+++ b/etc/keystone.conf.sample
@@ -123,7 +123,11 @@
 #certfile = /etc/keystone/ssl/certs/keystone.pem
 #keyfile = /etc/keystone/ssl/private/keystonekey.pem
 #ca_certs = /etc/keystone/ssl/certs/ca.pem
-#cert_required = True
+#key_size = 1024
+#valid_days = 3650
+#ca_password = None
+#cert_required = False
+#cert_subject = /C=US/ST=Unset/L=Unset/O=Unset/CN=localhost
 
 [signing]
 #token_format = PKI
@@ -133,6 +137,7 @@
 #key_size = 1024
 #valid_days = 3650
 #ca_password = None
+#cert_subject = /C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com
 
 [ldap]
 # url = ldap://localhost
-- 
cgit