Uhm. It looks like the OpenSSl commands in the nginx are suboptimal, or obsolete, or both. I like the conciseness in the superuser.com solution: I applied that one, and the other changes you suggested.
I will test this all better manually before landing. Thanks. https://codereview.appspot.com/6940084/diff/6009/config/nginx.conf.template File config/nginx.conf.template (right): https://codereview.appspot.com/6940084/diff/6009/config/nginx.conf.template#newcode1 config/nginx.conf.template:1: server { On 2012/12/19 03:55:52, gary.poster wrote: > As we discussed, please add a redirect from port 80 to port 443, and then > re-expose port 80 in the docs and code (in addition to port 443). Done. https://codereview.appspot.com/6940084/diff/6009/config/nginx.conf.template#newcode6 config/nginx.conf.template:6: ssl_certificate /etc/ssl/private/juju-gui/server.pem On 2012/12/19 03:55:52, gary.poster wrote: > You need to terminate this with a semicolon. Done. https://codereview.appspot.com/6940084/diff/6009/config/nginx.conf.template#newcode7 config/nginx.conf.template:7: ssl_certificate_key /etc/ssl/private/juju-gui/server.key On 2012/12/19 03:55:52, gary.poster wrote: > This one needs a semicolon too. Done. https://codereview.appspot.com/6940084/diff/6009/hooks/utils.py File hooks/utils.py (right): https://codereview.appspot.com/6940084/diff/6009/hooks/utils.py#newcode25 hooks/utils.py:25: command, On 2012/12/19 03:55:52, gary.poster wrote: > Please also import environ... Done. https://codereview.appspot.com/6940084/diff/6009/hooks/utils.py#newcode228 hooks/utils.py:228: os.makedirs(ssl_cert_path) On 2012/12/19 03:55:52, gary.poster wrote: > To make debugging easier, I suggest only creating the directory if it does not > exist. See http://pastebin.ubuntu.com/1449174/ for example. Done. https://codereview.appspot.com/6940084/diff/6009/hooks/utils.py#newcode230 hooks/utils.py:230: cmd_log(run('openssl', 'genrsa', '-des3', '-out', key_path, '1024')) On 2012/12/19 03:55:52, gary.poster wrote: > This is interactive, and fails. > See http://pastebin.ubuntu.com/1449174/ for an approach that eliminates this > problem and seems simpler. Done. https://codereview.appspot.com/6940084/diff/6009/hooks/utils.py#newcode233 hooks/utils.py:233: cmd_log(run('openssl', 'req', '-new', '-key', key_path, '-out', On 2012/12/19 03:55:52, gary.poster wrote: > This is interactive, and fails. > See http://pastebin.ubuntu.com/1449174/ for an approach that eliminates this > problem and seems simpler. Done. https://codereview.appspot.com/6940084/ -- https://code.launchpad.net/~teknico/charms/precise/juju-gui/serve-via-https/+merge/140511 Your team Juju GUI Hackers is requested to review the proposed merge of lp:~teknico/charms/precise/juju-gui/serve-via-https into lp:~juju-gui/charms/precise/juju-gui/trunk. -- Mailing list: https://launchpad.net/~yellow Post to : [email protected] Unsubscribe : https://launchpad.net/~yellow More help : https://help.launchpad.net/ListHelp
