Re: [Openstack-operators] How to configure keystone to use SSL

Hints to start with: * https://mozilla.github.io/server-side-tls/ssl-config-generator/ * https://www.ssllabs.com/ssltest/ * https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html You definitely need to setup the WSGI as, yes, the eventlet is deprecated. Enjoy your TLS setup :)

Re: [Openstack-operators] How to configure keystone to use SSL

I'm fairly sure the parameters under [ssl] are only for using the deprecated eventlet server. You'll need to add your SSL configuration to the Apache VirtualHost in order to be able to get access to SSL Good luck! On Wed, Sep 21, 2016 at 11:14 PM, zhangjian wrote:

[Openstack-operators] How to configure keystone to use SSL

Hi, all I have a mitaka environment created by packstack, and i tried to configure the keystone to use ssl, but failed, can anyone help me? # keystone is a wsgi service now. Configure steps are as following: === # keystone-manage ssl_setup --keystone-user keystone