cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Corey, Mike" <mike.co...@sap.com>
Subject Configuring HTTPS for UI
Date Tue, 04 Aug 2020 18:46:30 GMT
Hi,

I'm trying to figure out how to use https or 8443 with an internally signed certificate and
chain for the UI.  The latest documentation only has the below snippet.  I've created my internally
signed certificate, root, and intermediary cert and I believe I've done all the imports into
my keystore using keytool correctly.  I've also modified the server.properties with the correct
jks location and password as directed by the documentation.

Older versions of CloudStack documentation reference doing something with Jetty, but the link
to the reference is for out of life versions.  I don't see any messages in the logs pertaining
to TLS, SSL, 8443, etc.  Is there more to this process than documented?

SSL (Optional)
CloudStack provides HTTP access in its default installation. There are a number of technologies
and sites which choose to implement SSL/TLS. As a result, we have left CloudStack to expose
HTTP under the assumption that a site will implement its typical practice.
CloudStack 4.9 and above uses embedded Jetty as its servlet container. For sites that would
like CloudStack to terminate the SSL session, HTTPS can be enabled by configuring the https-related
settings in CloudStack management server's server.properties file at /etc/cloudstack/management/
location:
# For management server to pickup these configuration settings, the configured
# keystore file should exists and be readable by the management server.
https.enable=true
https.port=8443
https.keystore=/etc/cloudstack/management/cloud.jks
https.keystore.password=vmops.com
For storing certificates, admins can create and configure a java keystore file and configure
the same in the server.properties file as illustrated above.



Mike Corey

Technology Senior Consultant, IT CS CTW Operation & Virtualization Service US

SAP AMERICA, INC. 3999 West Chester Pike, Newtown Square, 19073 United States

T +1 610 661 0905, M +1 484 274 2658, E mike.corey@sap.com



[cid:image003.png@01D66A6E.08FC2F20]



Mime
  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message