summaryrefslogtreecommitdiff
path: root/examples
Commit message (Collapse)AuthorAgeFilesLines
* Remove support for PKI and PKIz tokensSteve Martinelli2016-11-019-556/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is the first step of several to remove PKI token support in keystone. A large issue in removing PKI support is support for the revocation list must be maintained. This patch removes support for the token format, it's surrounding tests and examples that are generated. Additionally, some wording has been changed around the CLI and config options to make the distinction between keys and certs used for PKI tokens and those used for getting the revocation list (a list of tokens that are revoked, which is signed). Future patches will: - Remove the keystone-manage commands for generating certs - Modify the revocation list (at /auth/tokens/OS-PKI/revoked) to return a 403 if pki is not configured (instead of raising a 500). We cannot remove the API as that would break an API contract. - Options to configure PKI will be marked as deprecated - If PKI is configured a normal signed list will be returned (same behavior as today) - Follow up patch to keystonemiddleware will make sure auth_token does not rely on the revocation api at all. Related-Bug: 1626778 Related-Bug: 1626779 Co-Authored-By: Boris Bobrov <bbobrov@mirantis.com> bp removed-as-of-ocata Change-Id: Icf1ebced44a675c88fb66a6c0431208ff5181574
* Correct bashate issues in gen_pki.shBrant Knudson2015-10-201-6/+18
| | | | | | There were some warnings for lines too long. Change-Id: I01796e4ff6cacbbdf57a0b1a8cc34101f8fdc0f8
* Example JSON files should be human-readableHarry Rybacki2014-07-194-4/+201
| | | | Change-Id: I58a68829176a8447133c99908338b90b7204a694
* Make gen_pki.sh & debug_helper.sh bash8 compliantLance Bragstad2014-06-231-57/+56
| | | | | | | | Now that bash8 is available on PyPI we can use it to clean up the bash scripts in Keystone. This also uses bash8 in tox. For now we can add files to the tox check manually as we make them compliant. Change-Id: I87a7478949114163f0614b1a6d8b249e14afe0df
* Modified keystone endpoint-create default regionanusha-rayani-72014-02-032-2/+2
| | | | | | | | The default region is changed from regionOne to RegionOne Change-Id: I610174f7c4241ce7405f100e775fd03df676eeac Closes-Bug: #1252299
* fix unparseable JSONRick Hull2013-11-081-1/+1
| | | | | | | | | - use only double quotes - remove trailing commas for last element - add trailing newline Change-Id: I3f47a25cdac429d95319ca80c6622b9cb1460446 Closes-Bug: #1249117
* Changed header from LLC to Foundation based on trademark policiesSean Winn2013-09-051-1/+1
| | | | | | Fixes: Bug 1214176 Change-Id: Ie937081a53d377671b8b88f422642c8131002f88
* Regenerate example PKI after change of defaultsDirk Mueller2013-07-0911-118/+196
| | | | | | | In https://review.openstack.org/#/c/31374/ the PKI defaults were changed but the example PKI not updated. Update it now. Change-Id: Ie65f27ab586e05a3c43a589499c115b56e734e07
* Raise key length defaultsDirk Mueller2013-06-041-10/+10
| | | | | | | | | | | | Extend RSA keylength to 2048 bits by default, as the previous default of 1024 bit is considered weak since 12/31/2010. Also unify the message_md to the openssl builtin default. Fixes bug 1103002 Change-Id: I70e90b7696f8a56073c3d6bdc9ed5d30cfa3401f
* bug 1069945: generate certs for the tests in one placeGuang Yee2012-11-0521-122/+314
| | | | | | and doc how to install signing certificate from an external CA Change-Id: I92feb8eaeea617211ee7132480ac7a63bf0a1bf1
* Fixed bug 1068851. Refreshed new crypto for the SSL tests.guang-yee2012-10-226-188/+273
| | | | Change-Id: Ib37547923a9da347835a9b2c51deae6b954e1ead
* blueprint 2-way-sslLiem Nguyen2012-05-245-0/+194
Implemented bp/2-way-ssl using eventlet-based SSL. Change-Id: I5aeb622aded13b406e01c78a2d8c245543306180
View Lorry Controller Status