Hints to start with:
* https://mozilla.github.io/server-side-tls/ssl-config-generator/
* https://www.ssllabs.com/ssltest/
* https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html
You definitely need to setup the WSGI as, yes, the eventlet is
deprecated. Enjoy your TLS setup :)
I'm fairly sure the parameters under [ssl] are only for using the
deprecated eventlet server. You'll need to add your SSL configuration
to the Apache VirtualHost in order to be able to get access to SSL
Good luck!
On Wed, Sep 21, 2016 at 11:14 PM, zhangjian
wrote:
Hi, all
I have a mitaka environment created by packstack, and i tried to
configure the keystone to use ssl, but failed, can anyone help me?
# keystone is a wsgi service now.
Configure steps are as following:
===
# keystone-manage ssl_setup --keystone-user keystone