Why Horizon fails to login due to failure to validate Keystone SSL certificate?

Solution Unverified - Updated -

Issue

We are setting up an environment using SSL connections for Keystone. When setting up Horizon, it fails to authenticate users because it cannot verify the Keystone SSL certificate, even though the OPENSTACK_SSL_CACERT variable is properly configured in /etc/openstack-dashboard/local_settings. The error message displayed in the httpd logs (with Django debug output enabled) was:

[Thu Jan 23 18:39:08 2014] [error] DeprecationWarning: Translations in the project directory aren't supported anymore. Use the LOCALE_PATHS setting instead.DeprecationWarning: Authentication backends without a `supports_inactive_user` attribute are deprecated. Please define it in <class 'openstack_auth.backend.KeystoneBackend'>.REQ: curl -i -X POST https://jtechslbvip.hi.inet:5000/v2.0/tokens -H "Content-Type: application/json" -H "User-Agent: python-keystoneclient"
[Thu Jan 23 18:39:08 2014] [error] REQ BODY: {"auth": {"passwordCredentials": {"username": "osadmin", "password": "<redacted>"}}}
[Thu Jan 23 18:39:08 2014] [error]
[Thu Jan 23 18:39:08 2014] [error] INFO:urllib3.connectionpool:Starting new HTTPS connection (1): jtechslbvip.hi.inet
[Thu Jan 23 18:39:08 2014] [error] DeprecationWarning: BaseException.message has been deprecated as of Python 2.6Login failed for user "osadmin".

Environment

  • Red Hat Enterprise Linux Openstack Platform v4.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content