f89156f38e
Change “wr-openstack” instances to “|prefix|-openstack”. PS2: Use |prefix| substitution instead of "stx" PS3, 4, 5, 6, 7: Fix table alignment PS8: Replace table with text for |prefix| usage Closes-Bug: 1948045 Change-Id: I41f804dd83d480e99a9c8ebfc252def3de0215ea Signed-off-by: MCamp859 <maryx.camp@intel.com>
1.5 KiB
Install REST API and Horizon Certificate
This certificate must be valid for the domain configured for
OpenStack, see the sections on Accessing the System <access-using-the-default-set-up>.
Obtain an Intermediate or Root CA-signed certificate and key from a trusted Intermediate or Root CA. The OpenStack certificate should be created with a wildcard SAN, for example:
X509v3 extensions:
X509v3 Subject Alternative Name:
DNS:*.west2.us.example.com
Put the encoded versions of the OpenStack certificate and key in a single file (e.g. openstack-cert-key.pem), and put the certificate of the Root CA in a separate file (e.g. openstack-ca-cert.pem), and copy the files to the controller host.
Install the certificate as the OpenStack REST API / Horizon Certificate.
~(keystone_admin)]$ system certificate-install -m ssl_ca openstack-ca-cert.pem ~(keystone_admin)]$ system certificate-install -m openstack_ca openstack-ca-cert.pem ~(keystone_admin)$ system certificate-install -m openstack openstack-cert-key.pemApply the Helm chart overrides containing the certificate changes.
~(keystone_admin)$ system application-apply -openstack