cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Indra Pramana <in...@sg.or.id>
Subject Enable SSL (https) for Cloudstack 4.2.0 management server
Date Tue, 29 Oct 2013 09:02:44 GMT
Dear all,

Any documentation on how to enable SSL (https) for Cloudstack 4.2.0
management server? I am using Ubuntu 12.04.2. I tried to follow the
instruction here, is it still valid?

http://support.citrix.com/article/CTX132008

I have managed to come to the step of creating the PKS12 format keystore:

root@cs-mgmt-01:~/ssl-cert# openssl pkcs12 -export -in server.crt -inkey
server.key -name cloud -passout pass:password > cloud-localhost.pk12
Enter pass phrase for server.key:
root@cs-mgmt-01:~/ssl-cert# ls -la cloud-localhost.pk12
-rw-r--r-- 1 root root 3000 Oct 29 16:11 cloud-localhost.pk12

However, I am not too sure where should I put the file, and how can I
configure Tomcat to use the file? On the above documentation, it says that
I need to put the file on:

/usr/share/cloud/management/conf/

The 4.2 equivalent of the above folder I believe should be

/usr/share/cloudstack-management/conf

I have put the cloud-localhost.pk12 on the folder. What's next? :)

I noted there are these files on the same folder:

-rw-r--r-- 1 root root  10211 Jun  5 02:45 server-nonssl.xml
-rw-r--r-- 1 root root  12094 Sep 24 16:31 server-ssl.xml
lrwxrwxrwx 1 root root     17 Oct 12 23:37 server.xml -> server-nonssl.xml
lrwxrwxrwx 1 root root     19 Oct 12 23:37 tomcat6.conf ->
tomcat6-nonssl.conf
-rw-r--r-- 1 root root   2712 Jun  5 02:45 tomcat6-nonssl.conf
-rw-r--r-- 1 root root   2841 Sep 24 16:31 tomcat6-ssl.conf

I tried to point the symbolic links for server.xml and tomcat6.conf to
server-ssl.xml and tomcat6-ssl.conf respectively, and restarted
cloudstack-management service. But I am not able to access the Cloudstack
GUI, even using https:// in front. It seems that Tomcat is not able to
recognize the pk12 certificate file that I have put?

Looking forward to your reply, thank you.

Cheers.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message