Merge "Clarify that the certificate guide should be used"

Zuul 4 years ago committed by Gerrit Code Review
commit a485934de3

@ -1,5 +1,11 @@
# NOTE: This script should not be used for creating certificates in a
# deployment. It is only used for some testing jobs.
# Please follow the Octavia Certificate Configuration Guide when setting
# up a deployment. See:
# USAGE: <certificate directory> <openssl.cnf (example in etc/certificate)
#Those are certificates for testing will be generated
@ -36,6 +42,11 @@ CERT_DIR=$1
OPEN_SSL_CONF=$2 # etc/certificates/openssl.cnf
VALIDITY_DAYS=${3:-18250} # defaults to 50 years
echo "!!!!!!!!!!!!!!!Do not use this script for deployments!!!!!!!!!!!!!"
echo "Please use the Octavia Certificate Configuration guide:"
echo ""
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
echo $CERT_DIR

@ -261,10 +261,10 @@ amphorae: The amphora REST API. Both amphora API and Octavia controller do
bi-directional certificate-based authentication in order to authenticate and
encrypt communication. You must therefore create appropriate TLS certificates
which will be used for key signing, authentication, and encryption. There is a
helper script to do this in this repository under:
detailed :doc:`../../admin/guides/certificates` to guide you through this
Please note that certificates created with this helper script may not meet your
Please note that certificates created with this guide may not meet your
organization's security policies, since they are self-signed certificates with
arbitrary bit lengths, expiration dates, etc. Operators should obviously
follow their own security guidelines in creating these certificates.