d95c80d36f
Fixed merge conflict (RS) Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com> Change-Id: I30b882a14196525f440db1108a56bbf862dfaf55 Signed-off-by: Ron Stone <ronald.stone@windriver.com>
49 lines
1.5 KiB
ReStructuredText
49 lines
1.5 KiB
ReStructuredText
|
|
.. law1570030645265
|
|
.. _install-update-the-starlingx-rest-and-web-server-certificate:
|
|
|
|
=================================================================
|
|
Install/Update the StarlingX Rest and Web Server Certificate
|
|
=================================================================
|
|
|
|
Use the following procedure to install or update the certificate for the REST
|
|
API application endpoints \(Keystone, Barbican and StarlingX\) and the web
|
|
administration server.
|
|
|
|
.. rubric:: |prereq|
|
|
|
|
Obtain an intermediate or Root |CA|-signed certificate and key from a trusted
|
|
intermediate or Root |CA|. Refer to the documentation for the external
|
|
Intermediate or Root |CA| that you are using, on how to create public
|
|
certificate and private key pairs, signed by intermediate or a Root |CA|, for
|
|
HTTPS.
|
|
|
|
.. xbooklink
|
|
|
|
For lab purposes, see :ref:`Locally Creating Certificates
|
|
<creating-certificates-locally-using-openssl>` for how to create a test
|
|
intermediate or Root |CA| certificate and key, and use it to sign test
|
|
certificates.
|
|
|
|
Put the |PEM| encoded versions of the certificate and key in a single file,
|
|
and copy the file to the controller host.
|
|
|
|
.. rubric:: |proc|
|
|
|
|
- Install/update the copied certificate.
|
|
|
|
For example:
|
|
|
|
.. code-block:: none
|
|
|
|
~(keystone_admin)]$ system certificate-install -m ssl <pathTocertificateAndKey>
|
|
|
|
where:
|
|
|
|
**<pathTocertificateAndKey>**
|
|
|
|
is the path to the file containing both the intermediate or Root
|
|
|CA|-signed certificate and private key to install.
|
|
|
|
|