Bug 1041912

Summary: [RFE][keystone]: Use Certmonger to manage the certificates for Keystone
Product: Red Hat OpenStack Reporter: RHOS Integration <rhos-integ>
Component: RFEsAssignee: RHOS Maint <rhos-maint>
Status: CLOSED UPSTREAM QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: markmc, yeylon
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: https://blueprints.launchpad.net/keystone/+spec/certmonger
Whiteboard: upstream_milestone_none upstream_status_unknown upstream_definition_superseded
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-19 17:39:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description RHOS Integration 2013-12-12 20:02:27 UTC 
Cloned from launchpad blueprint https://blueprints.launchpad.net/keystone/+spec/certmonger.

Description:

Certmonger is a tool designed for requesting and refreshing X509 certiicates: https://fedorahosted.org/certmonger/
It is supported on both Fedora and Debian based distributions, and can talk to multiple CA servers.  Using it removes the openssl specific code in Keystone, and will provide logicial tie in with a production PKI

Specification URL (additional information):

None