diff options
| author |   Jenkins <jenkins@review.openstack.org> | 2014-10-30 09:11:01 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <review@openstack.org> | 2014-10-30 09:11:01 +0000 |
| commit | b6fac3c901189a081e80cc1fb43f09e3d6a2f8f7 (patch) | |
| tree | 6dba8ca523a02bb862a048f29417f7029d7b697b | |
| parent | 309931c3d00c1918536283d4daf11f926d48f716 (diff) | |
| parent | 0064f5e8b66dd42788b454df7e467bac8fe96db4 (diff) | |
Merge "Add SSL PKI properties for keystone"
| -rw-r--r-- | overcloud-source.yaml | 12 | ||||
| -rw-r--r-- | undercloud-source.yaml | 12 |
2 files changed, 24 insertions, 0 deletions
diff --git a/overcloud-source.yaml b/overcloud-source.yaml index 0b60047a..a205e074 100644 --- a/overcloud-source.yaml +++ b/overcloud-source.yaml @@ -173,6 +173,15 @@ parameters: description: Keystone key for signing tokens. type: string hidden: true + KeystoneSSLCertificate: + default: '' + description: Keystone certificate for verifying token validity. + type: string + KeystoneSSLCertificateKey: + default: '' + description: Keystone key for signing tokens. + type: string + hidden: true LiveUpdateComputeImage: type: string description: The image ID for live-updates to the overcloud compute nodes. @@ -568,6 +577,9 @@ resources: ca_certificate: {get_param: KeystoneCACertificate} signing_key: {get_param: KeystoneSigningKey} signing_certificate: {get_param: KeystoneSigningCertificate} + ssl: + certificate: {get_param: KeystoneSSLCertificate} + certificate_key: {get_param: KeystoneSSLCertificateKey} mysql: innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} local_bind: true diff --git a/undercloud-source.yaml b/undercloud-source.yaml index 94795934..67c3e6d6 100644 --- a/undercloud-source.yaml +++ b/undercloud-source.yaml @@ -115,6 +115,15 @@ parameters: description: Keystone key for signing tokens. type: string hidden: true + KeystoneSSLCertificate: + default: '' + description: Keystone certificate for verifying token validity. + type: string + KeystoneSSLCertificateKey: + default: '' + description: Keystone key for signing tokens. + type: string + hidden: true HeatPassword: default: unset description: The password for the Heat service account, used by the Heat services. @@ -291,6 +300,9 @@ resources: ca_certificate: {get_param: KeystoneCACertificate} signing_key: {get_param: KeystoneSigningKey} signing_certificate: {get_param: KeystoneSigningCertificate} + ssl: + certificate: {get_param: KeystoneSSLCertificate} + certificate_key: {get_param: KeystoneSSLCertificateKey} mysql: innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} root-password: {get_resource: MysqlRootPassword} |