brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From geomacy <...@git.apache.org>
Subject [GitHub] brooklyn-docs pull request #108: Add config instructions for HTTPS on Karaf.
Date Thu, 22 Sep 2016 10:26:11 GMT
Github user geomacy commented on a diff in the pull request:

    https://github.com/apache/brooklyn-docs/pull/108#discussion_r80010424
  
    --- Diff: guide/ops/https.md ---
    @@ -0,0 +1,53 @@
    +---
    +title: HTTPS Configuration
    +layout: website-normal
    +---
    +
    +## HTTPS Configuration
    +
    +### Getting the Certificate
    +To enable HTTPS web access, you will need a server certificate in a java keystore. To
create a self-signed certificate,
    +and add it to a keystore, `keystore.jks`, you can use the following command:
    +
    +{% highlight bash %}
    +% keytool -genkey -keyalg RSA -alias brooklyn \
    +          -keystore <path-to-keystore-directory>/keystore.jks -storepass "mypassword"
\
    +          -validity 365 -keysize 2048 -keypass "password"
    +{% endhighlight %}
    +
    +Of course, the passwords above should be changed.  Omit those arguments above for the
tool to prompt you for the values.
    +
    +You will then be prompted to enter your name and organization details. This will use
(or create, if it does not exist)
    +a keystore with the password `mypassword` - you should use your own secure password,
which will be the same password
    +used in your brooklyn.properties (below). You will also need to replace `<path-to-keystore-directory>`
with the full 
    +path of the folder where you wish to store your keystore. The keystore will contain the
newly generated key, 
    +with alias `brooklyn` and password `password`.
    +
    +The certificate generated will be a self-signed certificate, which will cause a warning
to be displayed by a browser 
    --- End diff --
    
    done


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message