It should look a little something like this:

service_type: rgw
service_id: encrypted_rgw
placement:
  label: encrypted
  count_per_host: 1
networks:
- your-network/24
spec:
  rgw_frontend_port: 8101
  ssl: true
  rgw_frontend_ssl_certificate: |

It should follow the certificate chain your SSL provider gives, generally the 
order would be: Your Certificate → Intermediary Certificate(s) → Root 
Certificate → Private Key

-- Michael
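
A check for the bundle order described in the reply above, as an added example that is not part of the original thread or of Ceph's own code: it verifies that the PEM bundle has the certificate(s) first and exactly one private key last, then renders the spec with the bundle as an indented literal block. The helper names, the sample PEM bodies and the omission of `placement` are assumptions made for illustration.

```python
import re
import textwrap

PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.S)

def check_bundle(bundle):
    """Return problems found; [] means certificate(s) first, one key last."""
    labels = [m.group(1) for m in PEM_BLOCK.finditer(bundle)]
    keys = [l for l in labels if l.endswith("PRIVATE KEY")]
    problems = []
    if "CERTIFICATE" not in labels:
        problems.append("no CERTIFICATE block")
    if len(keys) != 1:
        problems.append("expected exactly one private key, found %d" % len(keys))
    elif labels[-1] != keys[0]:
        problems.append("private key is not the last block")
    # Stray text or a truncated block left between the PEM blocks.
    leftover = PEM_BLOCK.sub("", bundle).strip()
    if leftover:
        problems.append("text outside PEM blocks: %r" % leftover[:30])
    return problems

def render_spec(bundle, service_id, port):
    """Build an rgw service spec with the bundle as an indented literal block."""
    problems = check_bundle(bundle)
    if problems:
        raise ValueError("; ".join(problems))
    body = textwrap.indent(bundle.replace("\r\n", "\n").strip(), "    ")
    return "\n".join([
        "service_type: rgw",
        "service_id: %s" % service_id,
        "spec:",
        "  rgw_frontend_port: %d" % port,
        "  ssl: true",
        "  rgw_frontend_ssl_certificate: |",
        body,
    ]) + "\n"

def pem(label, body):
    return "-----BEGIN %s-----\n%s\n-----END %s-----\n" % (label, body, label)

# Constructed placeholders, not real certificates or key material.
LEAF = pem("CERTIFICATE", "bGVhZg==")
INTERMEDIATE = pem("CERTIFICATE", "aW50ZXJtZWRpYXRl")
KEY = pem("RSA PRIVATE KEY", "a2V5")
GOOD = LEAF + INTERMEDIATE + KEY       # order from the reply
KEY_FIRST = KEY + LEAF + INTERMEDIATE  # order from the question

if __name__ == "__main__":
    print(check_bundle(KEY_FIRST))
    print(render_spec(GOOD, "encrypted_rgw", 8101))
```

The rendered spec embeds the private key, so the file needs the same access restrictions as the key itself.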

________________________________
From: Albert Shih <albert.s...@obspm.fr>
Sent: Friday, June 6, 2025 4:55:15 AM
To: ceph-users@ceph.io <ceph-users@ceph.io>
Subject: [ceph-users] Confuse by rgw and certificate


Hi everyone.

I'm trying to configure a RGW for S3.

I'm currently running reef 18.2.7

I was able to get the rgw working (= the service is up and listening on the
correct port) without ssl.

I'm trying to configure the ssl port and I didn't find the correct syntax
for that.

I created a yaml file with something like

  spec:
  rgw_frontend_port: 8080
  zone_endpoints: https://host1:8080, https://host2:8080,etc.
  ssl: true
  rgw_frontend_ssl_certificate: |
    -----BEGIN RSA PRIVATE KEY-----
    ....
    -----END RSA PRIVATE KEY-----
    -----BEGIN CERTIFICATE-----
    .....
    -----END CERTIFICATE-----

or with the whole chain of CAs

  spec:
  rgw_frontend_port: 8080
  zone_endpoints: https://host1:8080, https://host2:8080,etc.
  ssl: true
  rgw_frontend_ssl_certificate: |
    -----BEGIN RSA PRIVATE KEY-----
    ....
    -----END RSA PRIVATE KEY-----
    -----BEGIN CERTIFICATE-----
    .....
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    .....
    -----END CERTIFICATE-----
    .....
    -----BEGIN CERTIFICATE-----
    .....
    -----END CERTIFICATE-----

Both are not working; journalctl says

  ssl_private_key was not found: rgw/cert/obspm/meudon.key

I found this syntax somewhere on the net

  spec:
  rgw_frontend_port: 8080
  zone_endpoints: https://host1:8080, https://host2:8080,etc.
  ssl: true
  ssl_private_key: |
    -----BEGIN RSA PRIVATE KEY-----
    ....
    -----END RSA PRIVATE KEY-----
  ssl_certificate: |
    -----BEGIN CERTIFICATE-----
    .....
    -----END CERTIFICATE-----

and I got

Error EINVAL: ServiceSpec: __init__() got an unexpected keyword argument 
'ssl_private_key'


Any clue ?

Regards

--
Albert SHIH
France
Local time:
Fri. 06 June 2025 10:47:08 CEST
_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io