keystone.conf The Identity Service /etc/keystone/keystone.conf configuration file is an INI-format file with sections. The [DEFAULT] section configures general configuration values. Specific sections, such as the [sql] and [ec2] sections, configure individual services.

keystone.conf file sections

Section	Description
[DEFAULT]	General configuration.
[sql]	Optional storage back-end configuration.
[ec2]	Amazon EC2 authentication driver configuration.
[s3]	Amazon S3 authentication driver configuration.
[identity]	Identity Service system driver configuration.
[catalog]	Service catalog driver configuration.
[token]	Token driver configuration.
[policy]	Policy system driver configuration for RBAC.
[signing]	Cryptographic signatures for PKI based tokens.
[ssl]	SSL configuration.

When you start the Identity Service, you can use the --config-file parameter to specify a configuration file. If you do not specify a configuration file, the Identity Service looks for the keystone.conf configuration file in these directories in this order: ~/.keystone ~/ /etc/keystone /etc keystone-paste.ini The /etc/keystone/keystone-paste.ini file configures the Identity Service WSGI middleware pipeline.