Hi Team, Thanks in advance. I would like to set a single node Redhat openstack setup with all the services endpoints to https. I tried manually and I guess I am able to set Keystone on https. Adding more when I hit the command "openstack endpoint list" I receives the output as mentioned in attached output file. Moving forward I tried to configure glance on https but facing some issues of SSL. I am not sure but is there any option to install openstack using packstack with all services endpoints (Public, Internal, admin) over https or any manual to configure it Please find the attached files of output of few command and errors and please help me to configure the openstack with all service endpoints over https. Please let me know if more details are required Thanks Prashant Sakharkar -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/community/attachments/20180410/f47ceeee/attachment-0001.html> -------------- next part -------------- [root at mitaka ~]# cat admin-openrc export OS_PROJECT_DOMAIN_NAME=default export OS_USER_DOMAIN_NAME=default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=Password export OS_AUTH_URL=https://mitaka.triliodata.demo:35357/v3 export OS_CACERT=/etc/keystone/ssl/certs/keystone.pem export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 ---------------------------- [root at mitaka ~]# openstack endpoint list +----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------------------+ | ID | Region | Service Name | Service Type | Enabled | Interface | URL | +----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------------------+ | 0da65e242d0749beaad70482d65b90a4 | RegionTwo | glance | image | True | internal | https://mitaka.triliodata.demo:9292 | | 31b3b654b6e14f3299a636abf9136d6a | RegionTwo | keystone | identity | True | admin | https://mitaka.triliodata.demo:35357/v3 | | 7c5f349647094ff6a6f535b14eac41ed | RegionTwo | glance | image | True | admin | https://mitaka.triliodata.demo:9292 | | 89acfe261bdf4e64b31bc2e7273ae41c | RegionTwo | glance | image | True | public | https://mitaka.triliodata.demo:9292 | | c1f9aede48bd47aca38ef33e5b3b535c | RegionTwo | keystone | identity | True | public | https://mitaka.triliodata.demo:5000/v3 | | cd3fc756b8c246a7958446a8ad3f76de | RegionTwo | keystone | identity | True | internal | https://mitaka.triliodata.demo:5000/v3 | ------------------------------- [root at mitaka ~]# glance image-list /usr/lib/python2.7/site-packages/requests/packages/urllib3/connection.py:303: SubjectAltNameWarning: Certificate for mitaka.triliodata.demo has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 for details.) SubjectAltNameWarning SSL exception connecting to https://mitaka.triliodata.demo:9292/v2/images?limit=20&sort_key=name&sort_dir=asc: ("bad handshake: Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')],)",) -------------- next part -------------- A non-text attachment was scrubbed... Name: glance-api.conf Type: application/octet-stream Size: 64608 bytes Desc: not available URL: <http://lists.openstack.org/pipermail/community/attachments/20180410/f47ceeee/attachment-0003.obj> -------------- next part -------------- A non-text attachment was scrubbed... Name: glance-registry.conf Type: application/octet-stream Size: 50316 bytes Desc: not available URL: <http://lists.openstack.org/pipermail/community/attachments/20180410/f47ceeee/attachment-0004.obj> -------------- next part -------------- A non-text attachment was scrubbed... Name: keystone.conf Type: application/octet-stream Size: 73570 bytes Desc: not available URL: <http://lists.openstack.org/pipermail/community/attachments/20180410/f47ceeee/attachment-0005.obj>