[Pkg-opennebula-devel] Bug#673010: Bug#673010: opennebula-sunstone: Provide a SSL proxy for sunstone to be used over insecure channels

Damien Raude-Morvan drazzib at drazzib.com
Fri May 18 13:36:25 UTC 2012


Olivier,

Iam not convinced by an automatic setup of SSL enabled Sunstone (it 
seems complicated and won't match anyone expectation : autosigned certs 
or CA issued ones, custom SSL port, default vhost or custom one).

But I'll take your sample instruction and add this to README.Debian.

Le 15/05/2012 15:13, Olivier Berger a écrit :
> On Tue, May 15, 2012 at 02:51:59PM +0200, Olivier Berger wrote:
>> The defaul configuration is safe, as it runs on 127.0.0.1, but that's not so much convenient for real life operation in the most generic case. It would then be great to have some Debian packaging already setup to use sunstone with HTTPS, which, for instance could be done with the SSL proxying as explained in http://opennebula.org/documentation:archives:rel3.2:sunstone#configuring_a_ssl_proxy
>>
> Responding to myself...
>
> Maybe docs could provide such instructions.
>
> For instance, for Apache, you need :
>
> # a2enmod proxy_http
> # a2enmod ssl
>
> Then, add to /etc/apache2/sites-enabled/default-ssl :
>
>          # For opennebula sunstone proxying
>          <Proxy *>
>                 Order deny,allow
>                 Allow from all
>          </Proxy>
>
>          <Location />
>                ProxyPass        http://localhost:9869/
>                ProxyPassReverse http://localhost:9869/
>          </Location>
>
> inside the<VirtualHost>.
>
> Then restart apache and enjoy...
>
> Hope this helps.
>
> Best regards,
>






More information about the Pkg-opennebula-devel mailing list