Hi, We've had similar issues when trying to use HTTPS.
One step was to change maas_url in regiond.conf (and also rackd.conf ?). The second step is to ensure that there is as valid certificate set up in /etc/apache2/conf-enabled/maas-http.conf -> /usr/share/maas/maas-http.conf . That file by default uses a self-signed certificate. This breaks enlistment and commissioning, silently. Note that changing that file is a bit problematic because AFAIK, the file is not considered a configuration file, and so your changes to it might get overridden when you upgrade MAAS. We also encounter the weird redirects to http, e.g., after login. I tried setting up a redirect rule in the Apache configuration to prevent this, without success. If you find a solution to this, I'd be glad to hear it. Best, Jonas On Fri, Feb 17, 2017 at 6:48 PM Jim Tilander <[email protected]> wrote: > I’m on 2.1.2+bzr5555-0ubuntu1~16.04.1. > > Does the commandline do anything except change the regiond.conf file? > Because I just hand edited the config file before and that’s when the > enlistment and commissioning stopped working since they all try to talk to > the API service via that link, but the twisted service doesn’t seem to know > about HTTPS? > > Or is there any special place I need to place the certificate for the > twisted service? > > I’ve got a wildcard certificate for my domain, and it works for the web > service right now (although just through apache). > > > On Feb 17, 2017, at 9:42 AM, Peter Matulis <[email protected]> > wrote: > > > > It should definitely change the URL in /etc/maas/regiond.conf . I just > > tried it. Although I am running 2.2 (beta2). > > > > You would also need to use the server name that is on the SSL > > certificate (not 'localhost'). > > > > On Fri, Feb 17, 2017 at 12:27 PM, Jim Tilander <[email protected]> wrote: > >> I hadn’t. I tried that command, it didn’t seem to change > /etc/maas/regiond.conf (where is the URL setting kept?) > >> > >> Restarting the maas-regiond afterwards broke the webUI, no response. I > had to revert back. > >> > >>> On Feb 17, 2017, at 6:44 AM, Peter Matulis < > [email protected]> wrote: > >>> > >>> Did you change the MAAS URL? > >>> > >>> sudo maas-region local_config_set --maas-url > https://localhost:5240/MAAS > >>> sudo systemctl restart maas-regiond > >>> > >>> > >>> On Tue, Feb 14, 2017 at 9:44 PM, Jim Tilander <[email protected]> > wrote: > >>>> Hi, > >>>> > >>>> So I’ve been trying to stick my server behind https, with little > success. > >>>> > >>>> I’ve added an extra site in the apache config and stuck a certificate > in place. I can hit https and the site *kind* of works, but there are still > some strange redirects back to regular http (notably after the login). > >>>> > >>>> Is there any config that I can modify to disable the redirects to > regular http? > >>>> > >>>> There is also a config file in /etc/maas/regiond.conf (I think that’s > the file from memory here) that list the twisted port the python service is > running under. This is a http port. Is there any way that I can change this > to be served under https? (simply changing it to https doesn’t seem to work > so well). > >>>> > >>>> Cheers, > >>>> Jim > >>>> > >>>> > >>>> > >>>> -- > >>>> Maas-devel mailing list > >>>> [email protected] > >>>> Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/maas-devel > >> > > > -- > Maas-devel mailing list > [email protected] > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/maas-devel >
-- Maas-devel mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/maas-devel
