Creating secrets

Creating a secret in the cloud management portal

To create a secret from the Cloud management portal

  • Press Secret management and then Secrets in the sidebar menu.

  • Press the + (plus) icon in the lower right corner.

  • Select a user from the dropdown and enter the password for that user along with other details. Credentials of the User to make it the owner of the secret.

  • Enter a descriptive name of the secret.

  • Select what kind of payload (file or text) and input it. The Payload Data field stores the secret data to be encrypted and stored.

  • Press Create. The secret is now stored.

Creating a secret using the OpenStack terminal client

This shows you how to create a secret secret by using the OpenStack Terminal Client

Uploading a certificate

This is an example of how to upload a certificate in binary format that’s needed for TLS termination when using our load balancer service.

openstack secret store --name='[SECRET_NAME]' -t 'application/octet-stream' -e 'base64' --payload="$(base64 < lb-cert.p12)"

Encryption key for object storage

This is an example of how to upload a encryption key that’s needed with the SSE-KMS specification in our object storage service.

You can use openssl rand -base64 32 to generate a new encryption key that is base64 encoded.

openstack secret store --name '[SECRET_NAME]' --payload-content-type='application/octet-stream' --payload-content-encoding='base64' --algorithm 'aes' --bit-length 256 --mode 'ctr' --secret-type 'symmetric' --payload [base64_encoded_payload]