Add TLS support for keystone via proxy

* Adds lib/tls to create test CA/certs
* Start proxy if 'tls-proxy' is enabled
* Configure keystone service catalog for TLS
* Tear down proxy in unstack.sh
* Set auth protocol and ca-cert chain in openrc
* Add DATA_DIR to stackrc

This is the first in a series of patches to enable TLS support
for the service API endpoints.

Change-Id: Ia1c91dc8f1aaf94fbec9dc71da322559a83d14b6
This commit is contained in:
Dean Troyer
2012-11-29 11:47:58 -06:00
parent 00626a3186
commit c83a7e125f
7 changed files with 376 additions and 10 deletions

@ -62,6 +62,11 @@ if is_service_enabled horizon; then
stop_horizon
fi
# Kill TLS proxies
if is_service_enabled tls-proxy; then
killall stud
fi
SCSI_PERSIST_DIR=$CINDER_STATE_PATH/volumes/*
# Get the iSCSI volumes