openstack/keystone
Code Issues Proposed changes

document pki_setup and ssl_setup in keystone.conf.sample

Browse Source 
Change-Id: I9630bfa623dbdb470b89978ebb4a8ec026c5e793
Closes-Bug: 1275823
This commit is contained in:
Dolph Mathews 2014-05-29 10:16:11 -05:00
parent 93bc881553
commit 6ed054951e
2 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
etc/keystone.conf.sample
View File

@ -1176,7 +1176,10 @@
# (string value) # (string value)
#token_format=<None> #token_format=<None>
# Path of the certfile for token signing. (string value) # Path of the certfile for token signing. For non-production
# environments, you may be interested in using `keystone-
# manage pki_setup` to generate self-signed certificates.
# (string value)
#certfile=/etc/keystone/ssl/certs/signing_cert.pem #certfile=/etc/keystone/ssl/certs/signing_cert.pem
# Path of the keyfile for token signing. (string value) # Path of the keyfile for token signing. (string value)
@ -1211,7 +1214,10 @@
# (boolean value) # (boolean value)
#enable=false #enable=false
# Path of the certfile for SSL. (string value) # Path of the certfile for SSL. For non-production
# environments, you may be interested in using `keystone-
# manage ssl_setup` to generate self-signed certificates.
# (string value)
#certfile=/etc/keystone/ssl/certs/keystone.pem #certfile=/etc/keystone/ssl/certs/keystone.pem
# Path of the keyfile for SSL. (string value) # Path of the keyfile for SSL. (string value)

10
keystone/common/config.py
View File

@ -288,7 +288,10 @@ FILE_OPTIONS = {
'eventlet servers.'), 'eventlet servers.'),
cfg.StrOpt('certfile', cfg.StrOpt('certfile',
default="/etc/keystone/ssl/certs/keystone.pem", default="/etc/keystone/ssl/certs/keystone.pem",
help='Path of the certfile for SSL.'), help='Path of the certfile for SSL. For non-production '
'environments, you may be interested in using '
'`keystone-manage ssl_setup` to generate self-signed '
'certificates.'),
cfg.StrOpt('keyfile', cfg.StrOpt('keyfile',
default='/etc/keystone/ssl/private/keystonekey.pem', default='/etc/keystone/ssl/private/keystonekey.pem',
help='Path of the keyfile for SSL.'), help='Path of the keyfile for SSL.'),
@ -317,7 +320,10 @@ FILE_OPTIONS = {
'[token] section.'), '[token] section.'),
cfg.StrOpt('certfile', cfg.StrOpt('certfile',
default='/etc/keystone/ssl/certs/signing_cert.pem', default='/etc/keystone/ssl/certs/signing_cert.pem',
help='Path of the certfile for token signing.'), help='Path of the certfile for token signing. For '
'non-production environments, you may be interested '
'in using `keystone-manage pki_setup` to generate '
'self-signed certificates.'),
cfg.StrOpt('keyfile', cfg.StrOpt('keyfile',
default='/etc/keystone/ssl/private/signing_key.pem', default='/etc/keystone/ssl/private/signing_key.pem',
help='Path of the keyfile for token signing.'), help='Path of the keyfile for token signing.'),