Configure nova to use https for keystone

Solution Verified - Updated -

Issue

  • We have currently configured keystone to use https with a self-signed certificate and can successfully use keystone via the command line client. However, we can't seem to successfully run any nova commands after making this change. How do we configure nova to use https to communicate with keystone?

Here are the relevant parameters from keystone.conf:

[ssl]
enable = True
certfile = /etc/keystone/pki/certs/ssl_cert.pem
keyfile = /etc/keystone/pki/private/ssl_key.pem
ca_certs = /etc/keystone/pki/certs/cacert.pem
ca_key = /etc/keystone/pki/private/cakey.pem

And nova.conf:

auth_protocol=https
cafile=/etc/keystone/pki/certs/cacert.pem
auth_uri=https://keystone-ip:5000/

Environment

  • Red Hat Enterprise Linux OpenStack Platform 4.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.