From: richard@apache.org To: commits@brooklyn.incubator.apache.org Date: Fri, 12 Dec 2014 12:06:18 -0000 Message-Id: In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [3/7] incubator-brooklyn git commit: Adds instructions to enable HTTPS X-Virus-Checked: Checked by ClamAV on apache.org Adds instructions to enable HTTPS Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/53855c60 Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/53855c60 Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/53855c60 Branch: refs/heads/master Commit: 53855c608405e6bd605b0ba0e01f4a41d460c41a Parents: 39935ba Author: Martin Harris Authored: Fri Dec 12 11:22:30 2014 +0000 Committer: Martin Harris Committed: Fri Dec 12 11:22:30 2014 +0000 ---------------------------------------------------------------------- docs/use/guide/management/index.md | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/53855c60/docs/use/guide/management/index.md ---------------------------------------------------------------------- diff --git a/docs/use/guide/management/index.md b/docs/use/guide/management/index.md index 64afa9b..0fff39c 100644 --- a/docs/use/guide/management/index.md +++ b/docs/use/guide/management/index.md 
@@ -207,7 +207,31 @@ If not using the web console, you can specify During dev/test you can specify `brooklyn.webconsole.security.provider=brooklyn.rest.security.provider.AnyoneSecurityProvider` to allow logins with no credentials. - +To enable https, you will need a server certificate in a java keystore. To create a self-signed certificate, you can use the +following command: + +`keytool -genkey -keyalg RSA -alias brooklyn -keystore /server.key -storepass mypassword -validity 360 -keysize 2048` + +You will then be prompted to enter you name and organization details. This will create a keystore with the password `mypassword` +- you should use your own secure password, which will be the same password used in your brooklyn.properties (below). +You will also need to replace `` with the full path of the folder where you wish to store your +keystore. + +The certificate generated will be a self-signed certificate and will not have a CN field identifying the website server +name, which will cause a warning to be displayed by the browser when viewing the page. For production servers, a valid signed +certificate from a trusted certifying authority should be used instead + +To enable HTTPS in Brooklyn, add the following to your brooklyn.properties: + +``` +# HTTPS +brooklyn.webconsole.security.https.required=true +brooklyn.webconsole.security.keystore.url=/server.key +brooklyn.webconsole.security.keystore.password=mypassword +brooklyn.webconsole.security.keystore.certificate.alias=brooklyn +``` + +In order to access the Brooklyn console, you will also need to enable security, and setup a user as described above Other Ways to Observe Activity
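Review bot: In the added keytool command, `-storepass mypassword` puts the keystore password on the command line, and the brooklyn.properties snippet then repeats it in clear text as `brooklyn.webconsole.security.keystore.password=mypassword`. Suggest dropping `-storepass` so that keytool prompts for the password, and adding a sentence telling readers to restrict read access to brooklyn.properties and the keystore file to the account that runs Brooklyn. The paragraph on the self-signed certificate says it "will not have a CN field", but keytool's first prompt (first and last name) is what becomes the CN, so the text could tell readers to enter the server's host name there and explain that the browser warning remains because the certificate is not signed by a trusted authority. Smaller points: the wrapped line beginning `- you should use your own secure password` starts with a dash and may render as a list item; the path placeholder appears empty in `-keystore /server.key`, in "replace `` with" and in `keystore.url=/server.key` as the lines are shown here; "enter you name" should read "enter your name"; the sentences ending "should be used instead" and "as described above" lack a full stop; and the blank line before "Other Ways to Observe Activity" has been removed, so the last new paragraph runs straight into that heading.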