38a4da963d
This patch imports the autogenerated tables for keystone. Actual use of these tables will be done in another patch. Change-Id: Ib035c8469820aca7a7cf880f1bea758e9ea855d1 Partial-Bug: #1277330
95 lines
4.2 KiB
XML
95 lines
4.2 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!-- Warning: Do not edit this file. It is automatically
|
|
generated and your changes will be overwritten.
|
|
The tool to do so lives in the tools directory of this
|
|
repository -->
|
|
<para xmlns="http://docbook.org/ns/docbook" version="5.0">
|
|
<table rules="all" xml:id="config_table_keystone_ssl">
|
|
<caption>Description of configuration options for ssl</caption>
|
|
<col width="50%"/>
|
|
<col width="50%"/>
|
|
<thead>
|
|
<tr>
|
|
<th>Configuration option = Default value</th>
|
|
<th>Description</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<tr>
|
|
<th colspan="2">[signing]</th>
|
|
</tr>
|
|
<tr>
|
|
<td>ca_certs = /etc/keystone/ssl/certs/ca.pem</td>
|
|
<td>(StrOpt) Path of the CA for token signing.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>ca_key = /etc/keystone/ssl/private/cakey.pem</td>
|
|
<td>(StrOpt) Path of the CA Key for token signing.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>cert_subject = /C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com</td>
|
|
<td>(StrOpt) Certificate Subject (auto generated certificate) for token signing.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>certfile = /etc/keystone/ssl/certs/signing_cert.pem</td>
|
|
<td>(StrOpt) Path of the certfile for token signing.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>key_size = 2048</td>
|
|
<td>(IntOpt) Key Size (in bits) for token signing cert (auto generated certificate).</td>
|
|
</tr>
|
|
<tr>
|
|
<td>keyfile = /etc/keystone/ssl/private/signing_key.pem</td>
|
|
<td>(StrOpt) Path of the keyfile for token signing.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>token_format = None</td>
|
|
<td>(StrOpt) Deprecated in favor of provider in the [token] section.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>valid_days = 3650</td>
|
|
<td>(IntOpt) Day the token signing cert is valid for (auto generated certificate).</td>
|
|
</tr>
|
|
<tr>
|
|
<th colspan="2">[ssl]</th>
|
|
</tr>
|
|
<tr>
|
|
<td>ca_certs = /etc/keystone/ssl/certs/ca.pem</td>
|
|
<td>(StrOpt) Path of the ca cert file for SSL.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>ca_key = /etc/keystone/ssl/private/cakey.pem</td>
|
|
<td>(StrOpt) Path of the CA key file for SSL.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>cert_required = False</td>
|
|
<td>(BoolOpt) Require client certificate.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>cert_subject = /C=US/ST=Unset/L=Unset/O=Unset/CN=localhost</td>
|
|
<td>(StrOpt) SSL Certificate Subject (auto generated certificate).</td>
|
|
</tr>
|
|
<tr>
|
|
<td>certfile = /etc/keystone/ssl/certs/keystone.pem</td>
|
|
<td>(StrOpt) Path of the certfile for SSL.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>enable = False</td>
|
|
<td>(BoolOpt) Toggle for SSL support on the keystone eventlet servers.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>key_size = 1024</td>
|
|
<td>(IntOpt) SSL Key Length (in bits) (auto generated certificate).</td>
|
|
</tr>
|
|
<tr>
|
|
<td>keyfile = /etc/keystone/ssl/private/keystonekey.pem</td>
|
|
<td>(StrOpt) Path of the keyfile for SSL.</td>
|
|
</tr>
|
|
<tr>
|
|
<td>valid_days = 3650</td>
|
|
<td>(IntOpt) Days the certificate is valid for once signed (auto generated certificate).</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</para>
|