Merge "Add note about trusting the undercloud's CA certificate"
This commit is contained in:
commit
fa4b14adfd
|
@ -95,6 +95,11 @@ certificate store::
|
|||
sudo cp cacert.pem /etc/pki/ca-trust/source/anchors/
|
||||
sudo update-ca-trust extract
|
||||
|
||||
.. note:: If you're using a self-signed or autogenerated certificate for the
|
||||
undercloud, the overcloud nodes will need to trust it. So the
|
||||
contents of the certificate need to be set in the CAMap as described
|
||||
in ":ref:`ca-trust`" section.
|
||||
|
||||
Overcloud SSL
|
||||
-------------
|
||||
|
||||
|
@ -294,6 +299,8 @@ Self-signed DNS-based certificate::
|
|||
.. note:: It is also possible to get the public certificate from a CA. See
|
||||
:doc:`../advanced_deployment/tls_everywhere`
|
||||
|
||||
.. _ca-trust:
|
||||
|
||||
Getting the overcloud to trust CAs
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
|
|
Loading…
Reference in New Issue