/usr/share/tripleo-image-elements/openstack-ssl/README.md is in python-tripleo-image-elements 0.7.1-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 | Install and configure stunnel4 for local services.
Configuration
-------------
stunnel:
cert: certdata
key: keydata
ports:
- name: 'ec2'
accept: 13773
connect: 8773
- name: 'image'
accept: 13292
connect: 9292
- name: 'identity'
accept: 13000
connect: 5000
- name: 'network'
accept: 13696
connect: 9696
- name: 'compute'
accept: 13774
connect: 8774
- name: 'swift-proxy'
accept: 13080
connect: 8080
- name: 'cinder'
accept: 13776
connect: 8776
The certificate and key data will be written to /etc/ssl/from-heat.{crt,key}.
The certificate and key will be held persistently by Heat, so only use this with
an SSL enabled heat, and as soon as bug 1269999 is fixed, we will migrate away
from this implementation.
Note that the public API endpoints in keystone need to be registered with https
urls, which is outside the scope of the local machine configuration process.
|