Skip to content
Snippets Groups Projects
Commit 35139731 authored by sousaedu's avatar sousaedu
Browse files

Fix bug 1571 - Certificate for LDAPS not written if TLS is disabled in Keystone 


Change-Id: I9d4d3f96c7607c1b6f2172cb0de0a5bdcbffbfc3
Signed-off-by: default avatarsousaedu <eduardo.sousa@canonical.com>
parent 511bcae5
No related branches found
Tags v9.1.2 v9.1.3
No related merge requests found
Hide whitespace changes
Inline Side-by-side
docker/Keystone/scripts/start.sh
+ 6
0
View file @ 35139731
......@@ -165,6 +165,12 @@ EOF
if [ "$LDAP_GROUP_TREE_DN" ]; then
echo "group_tree_dn = $LDAP_GROUP_TREE_DN" >> /etc/keystone/domains/keystone.$LDAP_AUTHENTICATION_DOMAIN_NAME.conf
fi
if [ "$LDAP_TLS_CACERT_BASE64" ]; then
mkdir -p /etc/ssl/certs/
echo "-----BEGIN CERTIFICATE-----" >> /etc/ssl/certs/ca-certificates.crt
echo $LDAP_TLS_CACERT_BASE64 >> /etc/ssl/certs/ca-certificates.crt
echo "-----END CERTIFICATE-----" >> /etc/ssl/certs/ca-certificates.crt
fi
if [ "$LDAP_USE_STARTTLS" ] && [ "$LDAP_USE_STARTTLS" == "true" ]; then
echo "use_tls = true" >> /etc/keystone/domains/keystone.$LDAP_AUTHENTICATION_DOMAIN_NAME.conf
mkdir -p /etc/keystone/ssl/certs/
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment