Re: [one-users] Need https for Opennebula URL in browser
Dear Sir, Could someone please say in which file do I need to modify? Thanks Sudeep On Thu, Jun 26, 2014 at 11:17 PM, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Martin All, Thanks a lot for the valuable inputs. Which file do I edit in https/conf.d folder? [root@front conf.d]# ls auth_kerb.conf auth_pgsql.conf manual.conf mrtg.conf perl.conf README squid.conf subversion.conf welcome.conf auth_mysql.conf authz_ldap.conf mod_dnssd.conf nss.conf php.conf revocator.conf ssl.confwebalizer.conf wsgi.conf I am in */etc/httpd/conf.d*. Should I create a file (by which name extension) or edit any existing file? I do not know whether *httpd.conf* in */etc/httpd/conf/ folder* is the file you are pointing at! Regards, S N Banerjee On Thu, Jun 26, 2014 at 6:51 PM, Martin Alfke tux...@gmail.com wrote: Hi Sudeep, we run CentOS 6.5 with httpd and mod_passenger and the following configuration snippet in httpd/conf.d: VirtualHost *:443 ServerName default-ssl ## Vhost docroot DocumentRoot /usr/lib/one/sunstone/public ## Directories, there should at least be a declaration for /usr/lib/one/sunstone/public Directory /usr/lib/one/sunstone/public Options -MultiViews AllowOverride None Order allow,deny Allow from all /Directory ## Logging ErrorLog /var/log/httpd/default-ssl_error_ssl.log LogLevel warn ServerSignature Off CustomLog /var/log/httpd/default-ssl_access_ssl.log combined ## SSL directives SSLEngine on SSLCertificateFile crt file SSLCertificateKeyFile key file SSLCACertificatePath/etc/ssl/certs SSLCACertificateFilebundle file FilesMatch \.(cgi|shtml|phtml|php)$ SSLOptions +StdEnvVars /FilesMatch /VirtualHost hth, Martin On 26 Jun 2014, at 14:51, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sirs, Is there any update on the same? Thank you in advance! S N Banerjee On Thu, Jun 26, 2014 at 1:46 AM, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sir, Firstly I would like thank for the simple solution provided for the thread [one-users] VM in opennebula failing. Now I would like to make it route through SSL at 443 port. I checked at your site and could find the steps meant for Ubuntu, hope checked properly! Is it possible for CentOS6.5 x86_64 ? Thanks in advance! Sudeep -- Thanks Regards, Sudeep Narayan Banerjee -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Thanks Regards, Sudeep Narayan Banerjee -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Need https for Opennebula URL in browser
Hi Sudeep, it is very unkind to repeat your question in a community based mailing list. If you need urgent professional support you should get in contact with puppetlabs sales and ask for enterprise support. The file I mentioned is in /etc/httpd/conf.d File name is arbitrary as long as it has the ending .conf http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-apache-config.html http://wiki.centos.org/TipsAndTricks/ApacheVhostDir Asking Google or duckduckgo would have provided the same results. Please try to search a least a little bit by yourself or get your company an enterprise support. hth, Martin On 27 Jun 2014, at 08:14, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sir, Could someone please say in which file do I need to modify? Thanks Sudeep On Thu, Jun 26, 2014 at 11:17 PM, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Martin All, Thanks a lot for the valuable inputs. Which file do I edit in https/conf.d folder? [root@front conf.d]# ls auth_kerb.conf auth_pgsql.conf manual.conf mrtg.conf perl.conf README squid.conf subversion.conf welcome.conf auth_mysql.conf authz_ldap.conf mod_dnssd.conf nss.conf php.conf revocator.conf ssl.confwebalizer.conf wsgi.conf I am in /etc/httpd/conf.d. Should I create a file (by which name extension) or edit any existing file? I do not know whether httpd.conf in /etc/httpd/conf/ folder is the file you are pointing at! Regards, S N Banerjee On Thu, Jun 26, 2014 at 6:51 PM, Martin Alfke tux...@gmail.com wrote: Hi Sudeep, we run CentOS 6.5 with httpd and mod_passenger and the following configuration snippet in httpd/conf.d: VirtualHost *:443 ServerName default-ssl ## Vhost docroot DocumentRoot /usr/lib/one/sunstone/public ## Directories, there should at least be a declaration for /usr/lib/one/sunstone/public Directory /usr/lib/one/sunstone/public Options -MultiViews AllowOverride None Order allow,deny Allow from all /Directory ## Logging ErrorLog /var/log/httpd/default-ssl_error_ssl.log LogLevel warn ServerSignature Off CustomLog /var/log/httpd/default-ssl_access_ssl.log combined ## SSL directives SSLEngine on SSLCertificateFile crt file SSLCertificateKeyFile key file SSLCACertificatePath/etc/ssl/certs SSLCACertificateFilebundle file FilesMatch \.(cgi|shtml|phtml|php)$ SSLOptions +StdEnvVars /FilesMatch /VirtualHost hth, Martin On 26 Jun 2014, at 14:51, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sirs, Is there any update on the same? Thank you in advance! S N Banerjee On Thu, Jun 26, 2014 at 1:46 AM, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sir, Firstly I would like thank for the simple solution provided for the thread [one-users] VM in opennebula failing. Now I would like to make it route through SSL at 443 port. I checked at your site and could find the steps meant for Ubuntu, hope checked properly! Is it possible for CentOS6.5 x86_64 ? Thanks in advance! Sudeep -- Thanks Regards, Sudeep Narayan Banerjee -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Thanks Regards, Sudeep Narayan Banerjee -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Need https for Opennebula URL in browser
Hi Sudeep,
You can also ask enterprise support from C12G Labs [1]. They can help
you for sure, they build OpenNebula.
As for your problem, I would ditch Apache and use nginx. I will post a step
by step untested tutorial below.
First, install nginx on the machine OpenNebula is installed on. I assume you
are on a Debian based OS. If on CentOS switch apt-get with yum.
$ sudo su -
# apt-get install nginx
Configure the default vhost to proxy requests to Sunstone upstream. The
following is what I use in production and it works.
/etc/nginx/sites-enabled/default
### sunstone vhost
### sunstone upstream server
upstream sunstone {
server 127.0.0.1:9869;
}
### sunstone HTTP server
server {
listen 80 default_server;
server_name localhost;
### Set up the access and error logs
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
### Append / if missing and redirect to HTTPS
rewrite ^([^.]*[^/])$ https://$server_name/ permanent;
return 301 https://$server_name$request_uri;
}
### HTTPS Server
#
# sunstone HTTPS server
#
server {
listen443;
server_name localhost;
keepalive_timeout 70;
### Logging
access_log/var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;
### SSL
ssl on;
ssl_certificate /etc/ssl/certs/sunstone.pem;
ssl_certificate_key /etc/ssl/private/sunstone.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 480m;
### Intercept errors
proxy_intercept_errors on;
### Custom error pages
error_page 404 /errors/404.html;
error_page 401 /errors/401.html;
error_page 400 402 403 405 406 407 408 409 410 411 412 413 414 415 417
417 /errors/4xx.html;
error_page 500 501 502 503 504 505 /errors/5xx.html;
### Root location
#
# Proxy requests to upstream
#
location / {
proxy_pass http://sunstone;
proxy_set_headerHost $host;
proxy_set_headerX-Real-IP $remote_addr;
proxy_set_headerX-Forwarded-For
$proxy_add_x_forwarded_for;
}
### Public Data
#
# Get the files from HDD not via Sunstone
#
location ~ ^/(css/|images/|js/|locale/|vendor/) {
root /usr/lib/one/sunstone/public;
expires 1w;
}
### Error pages
location /errors/ {
alias /var/www/errors/;
internal;
}
}
Generate the SSL certificate. This is a self signed certificate, if you go
production I
recommend you built your own CA or buy a trusted certificate, Globe SSL is
cheap
in this area. This way you can secure your VNC also without any complaints
from
the browser.
# openssl req -x509 -newkey rsa:2048 -keyout /etc/ssl/private/sunstone.pem
-nodes -out /etc/ssl/certs/sunstone.pem -days 3650
Restart nginx and access http://ip.add.re.ss of OpenNebula machine. It
might help
you but please don't blindly copy paste, do some reading, you'll learn cool
things :).
[1]: http://c12g.com/
Best,
Valentin
On Fri, Jun 27, 2014 at 9:21 AM, Martin Alfke tux...@gmail.com wrote:
Hi Sudeep,
it is very unkind to repeat your question in a community based mailing
list.
If you need urgent professional support you should get in contact with
puppetlabs sales and ask for enterprise support.
The file I mentioned is in /etc/httpd/conf.d
File name is arbitrary as long as it has the ending .conf
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-apache-config.html
http://wiki.centos.org/TipsAndTricks/ApacheVhostDir
Asking Google or duckduckgo would have provided the same results.
Please try to search a least a little bit by yourself or get your company
an enterprise support.
hth,
Martin
On 27 Jun 2014, at 08:14, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in
wrote:
Dear Sir,
Could someone please say in which file do I need to modify?
Thanks
Sudeep
On Thu, Jun 26, 2014 at 11:17 PM, Sudeep Narayan Banerjee
snbaner...@iitgn.ac.in wrote:
Dear Martin All,
Thanks a lot for the valuable inputs.
Which file do I edit in https/conf.d folder?
[root@front conf.d]# ls
auth_kerb.conf auth_pgsql.conf manual.conf mrtg.conf perl.conf
README squid.conf subversion.conf welcome.conf
auth_mysql.conf authz_ldap.conf mod_dnssd.conf nss.conf php.conf
revocator.conf ssl.confwebalizer.conf wsgi.conf
I am in /etc/httpd/conf.d. Should I create a file (by which name
extension) or edit any existing file?
I do not know whether httpd.conf in /etc/httpd/conf/ folder is the file
you are pointing at!
Regards,
S N Banerjee
On Thu, Jun 26, 2014 at 6:51 PM, Martin Alfke tux...@gmail.com wrote:
Hi Sudeep,
we run CentOS 6.5 with httpd and mod_passenger and the following
Re: [one-users] Need https for Opennebula URL in browser
Dear Sirs, Is there any update on the same? Thank you in advance! S N Banerjee On Thu, Jun 26, 2014 at 1:46 AM, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sir, Firstly I would like thank for the simple solution provided for the thread *[one-users] VM in opennebula failing*. Now I would like to make it route through SSL at 443 port. I checked at your site and could find the steps meant for Ubuntu, hope checked properly! Is it possible for CentOS6.5 x86_64 ? Thanks in advance! Sudeep -- Thanks Regards, Sudeep Narayan Banerjee -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Need https for Opennebula URL in browser
Hi Sudeep, we run CentOS 6.5 with httpd and mod_passenger and the following configuration snippet in httpd/conf.d: VirtualHost *:443 ServerName default-ssl ## Vhost docroot DocumentRoot /usr/lib/one/sunstone/public ## Directories, there should at least be a declaration for /usr/lib/one/sunstone/public Directory /usr/lib/one/sunstone/public Options -MultiViews AllowOverride None Order allow,deny Allow from all /Directory ## Logging ErrorLog /var/log/httpd/default-ssl_error_ssl.log LogLevel warn ServerSignature Off CustomLog /var/log/httpd/default-ssl_access_ssl.log combined ## SSL directives SSLEngine on SSLCertificateFile crt file SSLCertificateKeyFile key file SSLCACertificatePath/etc/ssl/certs SSLCACertificateFilebundle file FilesMatch \.(cgi|shtml|phtml|php)$ SSLOptions +StdEnvVars /FilesMatch /VirtualHost hth, Martin On 26 Jun 2014, at 14:51, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sirs, Is there any update on the same? Thank you in advance! S N Banerjee On Thu, Jun 26, 2014 at 1:46 AM, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sir, Firstly I would like thank for the simple solution provided for the thread [one-users] VM in opennebula failing. Now I would like to make it route through SSL at 443 port. I checked at your site and could find the steps meant for Ubuntu, hope checked properly! Is it possible for CentOS6.5 x86_64 ? Thanks in advance! Sudeep -- Thanks Regards, Sudeep Narayan Banerjee -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Need https for Opennebula URL in browser
Dear Martin All, Thanks a lot for the valuable inputs. Which file do I edit in https/conf.d folder? [root@front conf.d]# ls auth_kerb.conf auth_pgsql.conf manual.conf mrtg.conf perl.conf README squid.conf subversion.conf welcome.conf auth_mysql.conf authz_ldap.conf mod_dnssd.conf nss.conf php.conf revocator.conf ssl.confwebalizer.conf wsgi.conf I am in */etc/httpd/conf.d*. Should I create a file (by which name extension) or edit any existing file? I do not know whether *httpd.conf* in */etc/httpd/conf/ folder* is the file you are pointing at! Regards, S N Banerjee On Thu, Jun 26, 2014 at 6:51 PM, Martin Alfke tux...@gmail.com wrote: Hi Sudeep, we run CentOS 6.5 with httpd and mod_passenger and the following configuration snippet in httpd/conf.d: VirtualHost *:443 ServerName default-ssl ## Vhost docroot DocumentRoot /usr/lib/one/sunstone/public ## Directories, there should at least be a declaration for /usr/lib/one/sunstone/public Directory /usr/lib/one/sunstone/public Options -MultiViews AllowOverride None Order allow,deny Allow from all /Directory ## Logging ErrorLog /var/log/httpd/default-ssl_error_ssl.log LogLevel warn ServerSignature Off CustomLog /var/log/httpd/default-ssl_access_ssl.log combined ## SSL directives SSLEngine on SSLCertificateFile crt file SSLCertificateKeyFile key file SSLCACertificatePath/etc/ssl/certs SSLCACertificateFilebundle file FilesMatch \.(cgi|shtml|phtml|php)$ SSLOptions +StdEnvVars /FilesMatch /VirtualHost hth, Martin On 26 Jun 2014, at 14:51, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sirs, Is there any update on the same? Thank you in advance! S N Banerjee On Thu, Jun 26, 2014 at 1:46 AM, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sir, Firstly I would like thank for the simple solution provided for the thread [one-users] VM in opennebula failing. Now I would like to make it route through SSL at 443 port. I checked at your site and could find the steps meant for Ubuntu, hope checked properly! Is it possible for CentOS6.5 x86_64 ? Thanks in advance! Sudeep -- Thanks Regards, Sudeep Narayan Banerjee -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Need https for Opennebula URL in browser
Dear All, May I please request you all to kindly provide me with an update? Thanks in advance! S N Banerjee On Thu, Jun 26, 2014 at 11:17 PM, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Martin All, Thanks a lot for the valuable inputs. Which file do I edit in https/conf.d folder? [root@front conf.d]# ls auth_kerb.conf auth_pgsql.conf manual.conf mrtg.conf perl.conf README squid.conf subversion.conf welcome.conf auth_mysql.conf authz_ldap.conf mod_dnssd.conf nss.conf php.conf revocator.conf ssl.confwebalizer.conf wsgi.conf I am in */etc/httpd/conf.d*. Should I create a file (by which name extension) or edit any existing file? I do not know whether *httpd.conf* in */etc/httpd/conf/ folder* is the file you are pointing at! Regards, S N Banerjee On Thu, Jun 26, 2014 at 6:51 PM, Martin Alfke tux...@gmail.com wrote: Hi Sudeep, we run CentOS 6.5 with httpd and mod_passenger and the following configuration snippet in httpd/conf.d: VirtualHost *:443 ServerName default-ssl ## Vhost docroot DocumentRoot /usr/lib/one/sunstone/public ## Directories, there should at least be a declaration for /usr/lib/one/sunstone/public Directory /usr/lib/one/sunstone/public Options -MultiViews AllowOverride None Order allow,deny Allow from all /Directory ## Logging ErrorLog /var/log/httpd/default-ssl_error_ssl.log LogLevel warn ServerSignature Off CustomLog /var/log/httpd/default-ssl_access_ssl.log combined ## SSL directives SSLEngine on SSLCertificateFile crt file SSLCertificateKeyFile key file SSLCACertificatePath/etc/ssl/certs SSLCACertificateFilebundle file FilesMatch \.(cgi|shtml|phtml|php)$ SSLOptions +StdEnvVars /FilesMatch /VirtualHost hth, Martin On 26 Jun 2014, at 14:51, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sirs, Is there any update on the same? Thank you in advance! S N Banerjee On Thu, Jun 26, 2014 at 1:46 AM, Sudeep Narayan Banerjee snbaner...@iitgn.ac.in wrote: Dear Sir, Firstly I would like thank for the simple solution provided for the thread [one-users] VM in opennebula failing. Now I would like to make it route through SSL at 443 port. I checked at your site and could find the steps meant for Ubuntu, hope checked properly! Is it possible for CentOS6.5 x86_64 ? Thanks in advance! Sudeep -- Thanks Regards, Sudeep Narayan Banerjee -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Thanks Regards, Sudeep Narayan Banerjee -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] Need https for Opennebula URL in browser
Dear Sir, Firstly I would like thank for the simple solution provided for the thread *[one-users] VM in opennebula failing*. Now I would like to make it route through SSL at 443 port. I checked at your site and could find the steps meant for Ubuntu, hope checked properly! Is it possible for CentOS6.5 x86_64 ? Thanks in advance! Sudeep -- Thanks Regards, Sudeep Narayan Banerjee ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
