Bug 1672754

Summary: [RFE] Automate flow of self-signed certificates for TLS deployments using director
Product: Red Hat OpenStack Reporter: Harry Rybacki <hrybacki>
Component: openstack-tripleoAssignee: James Slagle <jslagle>
Status: CLOSED DUPLICATE QA Contact: Arik Chernetsky <achernet>
Severity: low Docs Contact:
Priority: medium    
Version: 14.0 (Rocky)CC: mburns
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-07-21 15:44:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Harry Rybacki 2019-02-05 19:15:14 UTC 
Description of problem:

Presently, without an IPA instance is present, certificates have to be generated manually on the undercloud to enable TLS[1] with director based deployments. 

For PoC work this is cumbersome and error prone. Field has requested we automate this via TripleO in akin to what QE has done with Infrared[2].

[1] - https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/14/html-single/director_installation_and_usage/#appe-SSLTLS_Certificate_Configuration
[2] - https://github.com/redhat-openstack/infrared/blob/master/plugins/tripleo-undercloud/tasks/ssl.yml