813 B
813 B
Install and trust a CA at the operating system level, making it available for use by OpenStack services and other network clients authenticating SSL-secured connections.
Configuration
ssl:
ca_certificate: certdata
The CA certificate will be written to /etc/ssl/from-heat-ca.crt and installed using update-ca-certificates (apt-based distros) or update-ca-trusts (yum-based distros).
This may be used in conjunction with openstack-ssl to enable SSL-secure connections between OpenStack services, or independently to enable secure integration with external resources such as Keystone -> LDAP server or Cinder -> external backend.
If multiple CA certificates are to be trusted, they should be concatenated in PEM format within the single ca_certificate property defining the trust store.