Hi, I'm trying to figure out how to use https or 8443 with an internally signed certificate and chain for the UI. The latest documentation only has the below snippet. I've created my internally signed certificate, root, and intermediary cert and I believe I've done all the imports into my keystore using keytool correctly. I've also modified the server.properties with the correct jks location and password as directed by the documentation.
Older versions of CloudStack documentation reference doing something with Jetty, but the link to the reference is for out of life versions. I don't see any messages in the logs pertaining to TLS, SSL, 8443, etc. Is there more to this process than documented? SSL (Optional) CloudStack provides HTTP access in its default installation. There are a number of technologies and sites which choose to implement SSL/TLS. As a result, we have left CloudStack to expose HTTP under the assumption that a site will implement its typical practice. CloudStack 4.9 and above uses embedded Jetty as its servlet container. For sites that would like CloudStack to terminate the SSL session, HTTPS can be enabled by configuring the https-related settings in CloudStack management server's server.properties file at /etc/cloudstack/management/ location: # For management server to pickup these configuration settings, the configured # keystore file should exists and be readable by the management server. https.enable=true https.port=8443 https.keystore=/etc/cloudstack/management/cloud.jks https.keystore.password=vmops.com For storing certificates, admins can create and configure a java keystore file and configure the same in the server.properties file as illustrated above. Mike Corey Technology Senior Consultant, IT CS CTW Operation & Virtualization Service US SAP AMERICA, INC. 3999 West Chester Pike, Newtown Square, 19073 United States T +1 610 661 0905, M +1 484 274 2658, E mike.co...@sap.com [cid:image003.png@01D66A6E.08FC2F20]
