[Pkg-opennebula-devel] Bug#673010: opennebula-sunstone: Provide a SSL proxy for sunstone to be used over insecure channels

Olivier Berger olivier.berger at it-sudparis.eu
Tue May 15 13:13:43 UTC 2012 

On Tue, May 15, 2012 at 02:51:59PM +0200, Olivier Berger wrote:
> 
> The defaul configuration is safe, as it runs on 127.0.0.1, but that's not so much convenient for real life operation in the most generic case. It would then be great to have some Debian packaging already setup to use sunstone with HTTPS, which, for instance could be done with the SSL proxying as explained in http://opennebula.org/documentation:archives:rel3.2:sunstone#configuring_a_ssl_proxy
> 

Responding to myself...

Maybe docs could provide such instructions.

For instance, for Apache, you need :

# a2enmod proxy_http
# a2enmod ssl

Then, add to /etc/apache2/sites-enabled/default-ssl :

        # For opennebula sunstone proxying
        <Proxy *>
               Order deny,allow
               Allow from all
        </Proxy>

        <Location />
              ProxyPass        http://localhost:9869/
              ProxyPassReverse http://localhost:9869/
        </Location>

inside the <VirtualHost>.

Then restart apache and enjoy...

Hope this helps.

Best regards,

-- 
Olivier BERGER 
http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 2048R/5819D7E8
Ingenieur Recherche - Dept INF
Institut Mines-Telecom, Telecom SudParis, Evry (France)

More information about the Pkg-opennebula-devel mailing list