Create Crypto Kek for Barbican
Issue
For Barbican deployment with SimpleCrypto plugin, it need a Kek (key encryption key). This kek is supposed at fernet format. If the format is not correct, those error message are coming :
openstack secret store --name monsecret --payload ĺudmila
5xx Server error: Internal Server Error: Secret creation failure seen - please contact site administrator.
Internal Server Error: Secret creation failure seen - please contact site administrator.
In /var/log/containers/barbican/main.log we have :
ERROR barbican.api.controllers ValueError: Fernet key must be 32 url-safe base64-encoded bytes.
Environment
Red Hat OpenStack 16.1
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.