|
Hi everyone,
I am trying to integrate
Openstack Keystone with radosgw using the doc :
I have made all the necessary
changes and was successfully able to use swift client to connect
and use the Ceph Object Gateway via Swift-compatible API.
But, issue arises when I want to
use Keystone as my authenticationg mechanism.
I have created keystone service
and endpoint.
But while running the command :
openssl x509 -in /etc/keystone/ssl/certs/ca.pem -pubkey | certutil -d /var/lib/ceph/nss -A -n ca -t "TCu,Cu,Tuw" gives me error as:
certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The
certificate/key database is in an old, unsupported format.
Here is my ceph.conf:
[global]
fsid = 30040254-7177-4a08-8d31-9be2a8b4bac7
mon_initial_members = ceph-node1
mon_host = 10.0.1.11
auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx
filestore_xattr_use_omap = true
[client.radosgw.gateway]
host = ceph-node1
keyring = /etc/ceph/keyring.radosgw.gateway
rgw_socket_path = /tmp/radosgw.sock
log_file = /var/log/ceph/radosgw.log
rgw keystone url = "" class="moz-txt-link-freetext" href="http://10.0.1.11:35357">http://10.0.1.11:35357
rgw keystone admin token = ashish
rgw keystone accepted roles = admin, Member
rgw keystone token cache size = 100
rgw keystone revocation interval = 300
rgw s3 auth use keystone = true
nss db path = /var/lib/ceph/nss
Please let me know what I could
be doing wrong.
Thanks and Regards
Ashish Chandra
Openstack Developer, Cloud
Engineering
Reliance Jio
|
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
