1.4 KiB
1.4 KiB
Install REST API and Horizon Certificate
This certificate must be valid for the domain configured for
OpenStack, see the sections on Accessing the System <access-using-the-default-set-up>
.
Before installing the openstack certificate and key, you must install
the ROOT for the openstack certificate as a trusted ca, Install a Trusted CA
Certificate <install-a-trusted-ca-certificate>
.
Install the certificate for OpenStack as Helm chart overrides.
~(keystone_admin)$ system certificate-install -m openstack <certificate_file>
where <certificate_file> is a pem file containing both the certificate and private key.
Note
The OpenStack certificate must be created with wildcard .
For example, to create a certificate for : west2.us.example.com, the following entry must be included in the certificate:
X509v3 extensions: X509v3 Subject Alternative Name: DNS:*.west2.us.example.com
Apply the Helm chart overrides containing the certificate changes.
~(keystone_admin)$ system application-apply wr-openstack