Hi Ulrich, We have added a new patch in order to support custom paths and ports when setting up an SSL proxy on top of the econe-server. You can see this patch in the following link:
http://dev.opennebula.org/issues/985 This patch has been included in the last release (3.2.1). I recommend you to upgrade to this version. Also the performance should be improved since we have included a new authentication cache. Currently the econe-server is running in our public cloud with an SSL proxy, using the following configuration: $ cat econe.conf # Host and port where econe server will run :server: localhost :port: 7141 # SSL proxy that serves the API (set if is being used) :ssl_server: https://cloud.opennebula.org/econe # Authentication driver for incomming requests # ec2, default Acess key and Secret key scheme # x509, for x509 certificates based authentication :auth: ec2 # Authentication driver to communicate with OpenNebula core # cipher, for symmetric cipher encryption of tokens # x509, for x509 certificate encryption of tokens :core_auth: cipher $ cat apache2.conf <VirtualHost *:443> servername cloud.opennebula.org SSLEngine on ProxyPass /econe http://localhost:7141/ ProxyPassReverse /econe http://localhost:7141/ </VirtualHost> If you use a path different from '/' the client must support this feature, otherwise the authentication will fail. The econe tools included in the 3.2.1 release support custom paths. Also if you want the proxy to listen in a different port from the default (443) you can specify it in the ssl_parameter: :ssl_server: https://cloud.opennebula.org:8082/ Hope this helps On 2 February 2012 22:45, Ulrich Schwickerath <ulrich.schwicker...@cern.ch> wrote: > Hi, > > did anybody try to setup the ONE 3.2 econe-server with an SSL proxy ? The > instructions on the web on this seem to be a bit out of date. > I had it working fine with 3.0 but with 3.2 I get authentication errors (the > ssl proxy setup is unchanged sinde 3.0). Direct access via http works > (although slower than before). > > Cheers, > Ulrich > > > _______________________________________________ > Users mailing list > Users@lists.opennebula.org > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Daniel Molina Project Engineer OpenNebula - The Open Source Toolkit for Data Center Virtualization www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula _______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org