Run devstack CA and cert setup early
Previously apache was configured and restarted before we configured the CA and certs. In most cases this is fine because those specific vhosts didn't use tls. However, if you had previously run devstack and had leftover vhosts and an unconfigured CA or certs devstack would fail. This is a small corner case, but its simple to address by moving CA and cert setup up in stack.sh to before we do anything related to web servers. Change-Id: I31dbaf9471088b9faff26c7b790da6f6feebb2d5
This commit is contained in:
Clark Boylan
parent
a6e4e42fb3
commit
cc072fd32f
19
stack.sh
19
stack.sh
@ -833,6 +833,18 @@ if is_service_enabled etcd3; then
|
||||
install_etcd3
|
||||
fi
|
||||
|
||||
# Setup TLS certs
|
||||
# ---------------
|
||||
|
||||
# Do this early, before any webservers are set up to ensure
|
||||
# we don't run into problems with missing certs when apache
|
||||
# is restarted.
|
||||
if is_service_enabled tls-proxy; then
|
||||
configure_CA
|
||||
init_CA
|
||||
init_cert
|
||||
fi
|
||||
|
||||
# Check Out and Install Source
|
||||
# ----------------------------
|
||||
|
||||
@ -857,13 +869,6 @@ if is_service_enabled neutron nova horizon; then
|
||||
install_neutronclient
|
||||
fi
|
||||
|
||||
# Setup TLS certs
|
||||
if is_service_enabled tls-proxy; then
|
||||
configure_CA
|
||||
init_CA
|
||||
init_cert
|
||||
fi
|
||||
|
||||
# Install middleware
|
||||
install_keystonemiddleware
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user