Generating and configuring tokens PKIs
Keystone uses cryptographically signed tokens with a private key and are matched against x509 certificate with public key. Chatper 5, Glance Image Service discusses advanced configurations. In this recipe, we will use
keystone-manage pki_setup command to generate PKI key pairs and configure Keystone to use it.
How to do it…
Proceed with the following steps:
- Generate PKI keys using the
[root@controller ~]# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
keystone-manage pki_setup, we use Keystone Linux user and group accounts, which were created when
openstack-keystonepackaged was installed.
- Change the ownership of the generated PKI files: ...