No official documentation but here is how I got it to work on Ubuntu 16.04.01 (in this case I'm using a self-signed certificate):
assuming you're running rgw on a computer called rgwnode: 1. create self-signed certificate ssh rgwnode openssl req -x509 -nodes -newkey rsa:4096 -keyout key.pem -out cert.pem -days 1000 cat key.pem >> /usr/share/ca-certificates/cert.pem ^--- without doing this you get errors like this "civetweb: 0x564d0357d8c0: set_ssl_option: cannot open /usr/share/ca-certificates/cert.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line" cp cert.pem /usr/share/ca-certificates/ 2. configure civitweb: edit your ceph.conf on the admin node and add: [client.rgw.rgwnode] rgw_frontends = civetweb port=443s ssl_certificate=/usr/share/ca-certificates/cert.pem push the config ceph-deploy push rgwnode ssh rgwnode 'sudo systemctl restart ceph-radosgw@rgwnode' this ended up not being enough and I found log messages like these in the logs: 2016-09-09 17:22:21.593231 7f36c33f8a00 0 civetweb: 0x555a3b7988c0: load_dll: cannot load libssl.so 2016-09-09 17:22:21.593278 7f36c33f8a00 0 civetweb: 0x555a3b7988c0: load_dll: cannot load libcrypto.so to fix it: ssh rgwnode sudo ln -s /lib/x86_64-linux-gnu/libssl.so.1.0.0 /usr/lib/libssl.so sudo ln -s /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 /usr/lib/libcrypto.so On Thu, Dec 8, 2016 at 7:44 AM, Puff, Jonathon <jonathon.p...@netapp.com> wrote: > There’s a few documents out around this subject, but I can’t find anything > official. Can someone point me to any official documentation for deploying > this? Other alternatives appear to be a HAproxy frontend. Currently > running 10.2.3 with a single radosgw. > > > > -JP > > _______________________________________________ > ceph-users mailing list > ceph-users@lists.ceph.com > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com > >
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com