Terminating SSL in another web server is certainly something that can be
done, many prefer it this way, however this will not enable SSL for the
console proxy VM.. So all your web consoles will go over regular HTTP.
---
Nux
www.nux.ro
On 2022-05-18 10:09, Travis Romero wrote:
I actually didn’t went with my initial approach. I just handled all
SSL in nginx and terminated there. As for local ISO upload, I found
the secstorage ssl domain config and pointed it to my nginx proxy and
seems to work fine.
Thanks for the inputs.
—
Travis
On May 18, 2022, at 3:39 PM, Nux <[email protected]> wrote:
You should be able to run certbot on the management server for
example, or anywhere else really (if you go for the wildcard) and then
once you get your certificate files to install them in your Cloudstack
via cloudmonkey.
You can check this article for an example:
https://www.shapeblue.com/securing-cloudstack-4-11-with-https-tls/
(search for cloudmonkey upload customcertificate)
---
Nux
www.nux.ro
On 2022-05-17 22:26, Ricardo Pertuz wrote:
Is there anyway to automate this with certbot or similar?
On 16/05/22, 9:44 AM, "Wei ZHOU" <[email protected]> wrote:
Hi Travis,
Please try the following:
Root certificate: chain.pem
Server certificate: cert.pem
Private certificate: privkey.pem
-Wei
On Monday, 16 May 2022, Travis Romero
<[email protected]> wrote:
> Hi,
>
> I have a valid SSL cert from letsencrypt for my domain and I
wanted to use
> as the SSL cert for my Cloudstack ( in Infrastructure -> Summary
-> SSL
> Cert). Which file is which? I have the following files from
letsencrypt:
> cert.pem, chain.pem, fullchain.pem, privkey.pem. Which should I
use for
> Root certificate, Server certificate, PKCS#8 Private
certificate.
>
> —
> Travis
>
>
