diff options
author | Gregory Haynes <greg@greghaynes.net> | 2014-10-16 14:10:43 -0700 |
---|---|---|
committer | Gregory Haynes <greg@greghaynes.net> | 2014-10-22 08:09:04 -0700 |
commit | 0064f5e8b66dd42788b454df7e467bac8fe96db4 (patch) | |
tree | 51078ed9f172f9e883a40535cfcb524ac85b8681 /overcloud-source.yaml | |
parent | 6f3f9ec6da71fec349856e719d0606a6d8b33d91 (diff) |
Add SSL PKI properties for keystone
To implement the SSL PKI spec we need to change the keystone ssl cert
and cert key properties to be more generalizable. We also need to
support the old properties for backwards compatibility.
Change-Id: Icf46132230512a31b6dec3c07164c95b13dd8f73
Diffstat (limited to 'overcloud-source.yaml')
-rw-r--r-- | overcloud-source.yaml | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/overcloud-source.yaml b/overcloud-source.yaml index b2042d00..ff8cddcb 100644 --- a/overcloud-source.yaml +++ b/overcloud-source.yaml @@ -173,6 +173,15 @@ parameters: description: Keystone key for signing tokens. type: string hidden: true + KeystoneSSLCertificate: + default: '' + description: Keystone certificate for verifying token validity. + type: string + KeystoneSSLCertificateKey: + default: '' + description: Keystone key for signing tokens. + type: string + hidden: true LiveUpdateComputeImage: type: string description: The image ID for live-updates to the overcloud compute nodes. @@ -558,6 +567,9 @@ resources: ca_certificate: {get_param: KeystoneCACertificate} signing_key: {get_param: KeystoneSigningKey} signing_certificate: {get_param: KeystoneSigningCertificate} + ssl: + certificate: {get_param: KeystoneSSLCertificate} + certificate_key: {get_param: KeystoneSSLCertificateKey} mysql: innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} local_bind: true |