How to use Let's Encrypt on microstack

getting started
,
1

I’m using microstack for the ease of installing openstack, in my environment microstack is installed via snap on ubuntu (as suggested on the website). It’s working.

But I want to use a valid certificate. I tried using the let’s encrypt installed by snap as well. Make the files certified but it’s not working. How can I change the certificate to use let’s encrypt?

With the microstack and cert-bot install, this is what I’m doing:

cat <<'EOF' > /usr/local/bin/cert-renew
#!/bin/sh

DOMAIN=<my-domain.com.br>

# move to the correct let's encrypt directory
mkdir -p /etc/letsencrypt/live
cd /etc/letsencrypt/live/$DOMAIN

# Ajustes para Microstack
snap set microstack config.tls.generate-self-signed=false
snap set microstack config.tls.cacert-path=/etc/letsencrypt/live/${DOMAIN}/chain.pem
snap set microstack config.tls.cert-path=/etc/letsencrypt/live/${DOMAIN}/cert.pem
snap set microstack config.tls.key-path=/etc/letsencrypt/live/${DOMAIN}/privkey.pem
snap set microstack config.tls.generate-cert=true
EOF

chmod u+x /usr/local/bin/cert-renew

certbot certonly --standalone --post-hook "/usr/local/bin/cert-renew" --preferred-challenges http --http-01-port 80 -d <my-domain.com.br>

The above code is running, creating the certificate and changing the config.tls values in the microstack.

Verified with the command

snap get microstack config.tls

I restart the server and it doesn’t work, I need to restore the old values to work again.

If i try execute a command

microstack.openstack image list

A error is show

Failed to discover available identity versions when contacting https://xxx.xxx.xxx.xxx:5000/v3. Attempting to parse version from URL.
Unable to establish connection to https://xxx.xxx.xxx.xxx:5000/v3/auth/tokens: HTTPSConnectionPool(host='xxx.xxx.xxx.xxx', port=5000): Max retries exceeded with url: /v3/auth/tokens (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f9b45e70340>: Failed to establish a new connection: [Errno 111] Connection refused'))

How i solve this? I have almost no knowledge in microstack, openstack, snap or let’s encrypt.

References