Enable HTTPS services in devstack.

Registered by Jamie Lennox on 2013-09-17

For security reasons most real deployments of openstack should be using HTTPS. As a reference devstack should be able to deploy a HTTPS enable system

Blueprint information

Status:
Not started
Approver:
Dean Troyer
Priority:
Medium
Drafter:
Jamie Lennox
Direction:
Approved
Assignee:
Jamie Lennox
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/devstack-https,n,z

Addressed by: https://review.openstack.org/47076
    Allow deploying keystone with SSL certificates

Addressed by: https://review.openstack.org/47526
    An example of Certificate Generation with devstack

Addressed by: https://review.openstack.org/97632
    SSL protected cinder endpoints

Addressed by: https://review.openstack.org/99433
    Always check keystone using http

Addressed by: https://review.openstack.org/102542
    Do a proper tls/ca cleanup in unstack

Addressed by: https://review.openstack.org/102882
    Stud is available in new distributions

Addressed by: https://review.openstack.org/103188
    Register the CA chain in glance

(?)

Work Items

Work items:
jamielennox Use openssl to assign selfsigned certificates to keystone: TODO
jamielennox identify how to assign certificates for other services: TODO
jamielennox use certmonger to manage certificates: TODO

This blueprint contains Public information 
Everyone can see this information.