Merge "Clarify that the certificate guide should be used"
This commit is contained in:
commit
a485934de3
|
@ -1,5 +1,11 @@
|
|||
#!/bin/bash
|
||||
|
||||
# NOTE: This script should not be used for creating certificates in a
|
||||
# deployment. It is only used for some testing jobs.
|
||||
# Please follow the Octavia Certificate Configuration Guide when setting
|
||||
# up a deployment. See:
|
||||
# https://docs.openstack.org/octavia/latest/admin/guides/certificates.html
|
||||
|
||||
# USAGE: <certificate directory> <openssl.cnf (example in etc/certificate)
|
||||
#Those are certificates for testing will be generated
|
||||
#
|
||||
|
@ -36,6 +42,11 @@ CERT_DIR=$1
|
|||
OPEN_SSL_CONF=$2 # etc/certificates/openssl.cnf
|
||||
VALIDITY_DAYS=${3:-18250} # defaults to 50 years
|
||||
|
||||
echo "!!!!!!!!!!!!!!!Do not use this script for deployments!!!!!!!!!!!!!"
|
||||
echo "Please use the Octavia Certificate Configuration guide:"
|
||||
echo "https://docs.openstack.org/octavia/latest/admin/guides/certificates.html"
|
||||
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
|
||||
|
||||
echo $CERT_DIR
|
||||
|
||||
|
||||
|
|
|
@ -261,10 +261,10 @@ amphorae: The amphora REST API. Both amphora API and Octavia controller do
|
|||
bi-directional certificate-based authentication in order to authenticate and
|
||||
encrypt communication. You must therefore create appropriate TLS certificates
|
||||
which will be used for key signing, authentication, and encryption. There is a
|
||||
helper script to do this in this repository under:
|
||||
``bin/create_certificates.sh``
|
||||
detailed :doc:`../../admin/guides/certificates` to guide you through this
|
||||
process.
|
||||
|
||||
Please note that certificates created with this helper script may not meet your
|
||||
Please note that certificates created with this guide may not meet your
|
||||
organization's security policies, since they are self-signed certificates with
|
||||
arbitrary bit lengths, expiration dates, etc. Operators should obviously
|
||||
follow their own security guidelines in creating these certificates.
|
||||
|
|
Loading…
Reference in New Issue