SSL connection to active directory in keystone works not with crt file or tls_cacertdir option
Issue
-
if we set below parameter, SSL connection to active directory in keystone did not work.
tls_cacertdir /etc/pki/ca-trust/source/anchors/
-
Even if we save certificate in the working direcory. Error in keystone log:
/var/log/keystone/keystone.log:2017-10-25 14:40:05.707 566685 ERROR keystone.common.wsgi BackendError: {'info': "TLS error -8179:Peer's Certificate issuer is not recognized.", 'desc': "Can't contact LDAP server"}
Environment
- Red Hat OpenStack Platform Version 10.0
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.