b71cb7758c
Signed-off-by: Juanita-Balaraj <juanita.balaraj@windriver.com> Change-Id: I6345e6be7e31e12d2f81bb6d35788896ddddcbf9
1.5 KiB
1.5 KiB
Install REST API and Horizon Certificate
This certificate must be valid for the domain configured for
OpenStack, see the sections on Accessing the System <access-using-the-default-set-up>.
Obtain an Intermediate or Root CA-signed certificate and key from a trusted Intermediate or Root CA. The OpenStack certificate should be created with a wildcard SAN, for example:
X509v3 extensions:
X509v3 Subject Alternative Name:
DNS:*.west2.us.example.com
Put the encoded versions of the OpenStack certificate and key in a single file (e.g. openstack-cert-key.pem), and put the certificate of the Root CA in a separate file (e.g. openstack-ca-cert.pem), and copy the files to the controller host.
Install the certificate as the OpenStack REST API / Horizon Certificate.
~(keystone_admin)]$ system certificate-install -m ssl_ca openstack-ca-cert.pem ~(keystone_admin)]$ system certificate-install -m openstack_ca openstack-ca-cert.pem ~(keystone_admin)$ system certificate-install -m openstack openstack-cert-key.pemApply the Helm chart overrides containing the certificate changes.
~(keystone_admin)$ system application-apply wr-openstack