• Introduction
• Section1: Keystone Settings for SSL
• 1. Create ssl directories and assign ownership
• 2. Download the script to create self-signed certs
• 3. Create self-signed SSL certs for Keystone
• 4. Sync SSL certs with the all other keystone nodes
• 5. Configure keystone.conf, nova.conf, glance-api.conf, glance-registry.conf & local_settings
• 6. Add keystone endpoint with https url
• 7. Restart keystone
• Section2: api-server SSL settings
• 1. Create ssl directories and assign ownership
• 2. Download the script to create self-signed certs
• 3. Create self-signed SSL certs for api-server
• 4. Create certificate bundle
• 5. Copy keystone certs to api-server node
• 6. Sync SSL certs with the all other config nodes
• 7. Configure api-server frontend/backend in haproxy
• 8. Configure contrail-keystone-auth.conf & neutron.con
• 9. Configure vnc_api_lib.ini
• 10. Restart api-server
• Section3: neutron-server SSL settings
• 1. Create ssl directories and assign ownership
• 2. Download the script to create self-signed certs
• 3. Create self-signed SSL certs for neutron-server
• 4. Create certificate bundle
• 5. Copy keystone certs to neutron-server node
• 6. Copy api-server certs to config node
• 6. Sync SSL certs with the all other neutron-server node
• 7. Configure neutron-server frontend/backend in haproxy
• 8. Configure neutron.conf
• 9. Configure ContrailPlugin.ini
• 10. Configure vnc_api_lib.ini
• 11. Restart neutron-server