brooklyn-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [3/7] incubator-brooklyn git commit: Adds instructions to enable HTTPS
Date Fri, 12 Dec 2014 12:06:18 GMT
Adds instructions to enable HTTPS


Branch: refs/heads/master
Commit: 53855c608405e6bd605b0ba0e01f4a41d460c41a
Parents: 39935ba
Author: Martin Harris <>
Authored: Fri Dec 12 11:22:30 2014 +0000
Committer: Martin Harris <>
Committed: Fri Dec 12 11:22:30 2014 +0000

 docs/use/guide/management/ | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/docs/use/guide/management/ b/docs/use/guide/management/
index 64afa9b..0fff39c 100644
--- a/docs/use/guide/management/
+++ b/docs/use/guide/management/
@@ -207,7 +207,31 @@ If not using the web console, you can specify
 During dev/test you can specify ``
 to allow logins with no credentials. 
+To enable https, you will need a server certificate in a java keystore. To create a self-signed
certificate, you can use the
+following command:
+`keytool -genkey -keyalg RSA -alias brooklyn -keystore <path-to-keystore-directory>/server.key
-storepass mypassword -validity 360 -keysize 2048`
+You will then be prompted to enter you name and organization details. This will create a
keystore with the password `mypassword`
+- you should use your own secure password, which will be the same password used in your
+You will also need to replace `<path-to-keystore-directory>` with the full path of
the folder where you wish to store your
+The certificate generated will be a self-signed certificate and will not have a CN field
identifying the website server 
+name, which will cause a warning to be displayed by the browser when viewing the page. For
production servers, a valid signed 
+certificate from a trusted certifying authority should be used instead
+To enable HTTPS in Brooklyn, add the following to your
+# HTTPS<path-to-keystore-directory>/server.key
+In order to access the Brooklyn console, you will also need to enable security, and setup
a user as described above
 <a name="observation-other"></a>
 Other Ways to Observe Activity

View raw message