From: sousaedu
Date: Thu, 17 Jun 2021 10:04:34 +0000 (+0100)
Subject: Fix bug 1571 - Certificate for LDAPS not written if TLS is disabled in Keystone
X-Git-Tag: v9.1.2^0
X-Git-Url: https://osm.etsi.org/gitweb/?a=commitdiff_plain;h=refs%2Fchanges%2F19%2F11019%2F3;p=osm%2Fdevops.git
Fix bug 1571 - Certificate for LDAPS not written if TLS is disabled in Keystone
Change-Id: I9d4d3f96c7607c1b6f2172cb0de0a5bdcbffbfc3
Signed-off-by: sousaedu
---
diff --git a/docker/Keystone/scripts/start.sh b/docker/Keystone/scripts/start.sh
index e4bb5f27..5cdeddf3 100755
--- a/docker/Keystone/scripts/start.sh
+++ b/docker/Keystone/scripts/start.sh
@@ -165,6 +165,12 @@ EOF
 if [ "$LDAP_GROUP_TREE_DN" ]; then
 echo "group_tree_dn = $LDAP_GROUP_TREE_DN" >> /etc/keystone/domains/keystone.$LDAP_AUTHENTICATION_DOMAIN_NAME.conf
 fi
+ if [ "$LDAP_TLS_CACERT_BASE64" ]; then
+ mkdir -p /etc/ssl/certs/
+ echo "-----BEGIN CERTIFICATE-----" >> /etc/ssl/certs/ca-certificates.crt
+ echo $LDAP_TLS_CACERT_BASE64 >> /etc/ssl/certs/ca-certificates.crt
+ echo "-----END CERTIFICATE-----" >> /etc/ssl/certs/ca-certificates.crt
+ fi
 if [ "$LDAP_USE_STARTTLS" ] && [ "$LDAP_USE_STARTTLS" == "true" ]; then
 echo "use_tls = true" >> /etc/keystone/domains/keystone.$LDAP_AUTHENTICATION_DOMAIN_NAME.conf
 mkdir -p /etc/keystone/ssl/certs/
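Review bot: The added block appends the LDAP CA to `/etc/ssl/certs/ca-certificates.crt` with `>>` and no check for an existing copy, so if start.sh runs again on a restart of the same container the bundle gains a duplicate each time. Because that file is the system-wide bundle, the certificate also becomes a trust anchor for every TLS client in the container, not just the LDAPS connection. The `echo $LDAP_TLS_CACERT_BASE64` line is unquoted, so the value is word-split and glob-expanded before it is written; `printf '%s\n' "$LDAP_TLS_CACERT_BASE64" >> /etc/ssl/certs/ca-certificates.crt` writes it verbatim. Consider guarding the three writes, for example with `grep -qF -- "$LDAP_TLS_CACERT_BASE64" /etc/ssl/certs/ca-certificates.crt ||`, and adding a comment such as `# LDAPS without STARTTLS: add the LDAP CA to the system bundle` to record why the system store is used. The STARTTLS branch that follows continues past the end of the hunk, so whether it keeps the same certificate in a narrower location is not visible here.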