[cloudstack-documentation] branch master updated: installdocs: docs for https/ssl configuration (#26)

Tue, 05 Feb 2019 00:02:18 -0800 

This is an automated email from the ASF dual-hosted git repository.

rohit pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cloudstack-documentation.git


The following commit(s) were added to refs/heads/master by this push:
     new 5b4f601  installdocs: docs for https/ssl configuration (#26)
     new 7a00bb3  Merge remote-tracking branch 'origin/4.11'
5b4f601 is described below

commit 5b4f601b474c85321dfae33b59f5fc2562200f4f
Author: Rohit Yadav <[email protected]>
AuthorDate: Tue Feb 5 13:27:39 2019 +0530

    installdocs: docs for https/ssl configuration (#26)
    
    Docs for https and TLS setup/configuration
    
    Signed-off-by: Rohit Yadav <[email protected]>
---
 source/installguide/optional_installation.rst | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/source/installguide/optional_installation.rst 
b/source/installguide/optional_installation.rst
index de2d328..8e1617f 100644
--- a/source/installguide/optional_installation.rst
+++ b/source/installguide/optional_installation.rst
@@ -92,14 +92,26 @@ SSL (Optional)
 --------------
 
 CloudStack provides HTTP access in its default installation. There are a
-number of technologies and sites which choose to implement SSL. As a
+number of technologies and sites which choose to implement SSL/TLS. As a
 result, we have left CloudStack to expose HTTP under the assumption that
 a site will implement its typical practice.
 
-CloudStack uses Tomcat as its servlet container. For sites that would
-like CloudStack to terminate the SSL session, Tomcat’s SSL access may be
-enabled. Tomcat SSL configuration is described at
-http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html.
+CloudStack 4.9 and above uses embedded Jetty as its servlet container. For 
sites
+that would like CloudStack to terminate the SSL session, HTTPS can be enabled
+by configuring the https-related settings in CloudStack management server's
+server.properties file at /etc/cloudstack/management/ location:
+
+   .. parsed-literal::
+
+      # For management server to pickup these configuration settings, the 
configured
+      # keystore file should exists and be readable by the management server.
+      https.enable=true
+      https.port=8443
+      https.keystore=/etc/cloudstack/management/cloud.jks
+      https.keystore.password=vmops.com
+
+For storing certificates, admins can create and configure a java keystore file
+and configure the same in the server.properties file as illustrated above.
 
 
 Database Replication (Optional)

Reply via email to