O'Reilly logo

Production Ready OpenStack - Recipes for Successful Environments by Arthur Berezin

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Generating and configuring tokens PKIs

Keystone uses cryptographically signed tokens with a private key and are matched against x509 certificate with public key. Chatper 5, Glance Image Service discusses advanced configurations. In this recipe, we will use keystone-manage pki_setup command to generate PKI key pairs and configure Keystone to use it.

How to do it…

Proceed with the following steps:

  1. Generate PKI keys using the keystone-manage pki_setup command:
    [root@controller ~]# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
    

    Note

    In keystone-manage pki_setup, we use Keystone Linux user and group accounts, which were created when openstack-keystone packaged was installed.

  2. Change the ownership of the generated PKI files: ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required