Securing Swift API Service Endpoints

In previous i have posted about OpenStack Object Storage(swift), this post is Securing Object Storage Service API endpoints in OpenStack Queens environment(Configuring OpenSSL) Consider your having Swift API service endpoints in https like below mentioned Consider your having Certificate and key file like below mentioned Certificate File – openstack.crt and Key File – openstack.key Steps […]

OpenStack and Object Storage(Swift )

OpenStack Platform Openstack Is an open source cloud computing platform used to implement the cloud environment. This environment is providing the best way to manage a large amount of data, it has a large number of resources, networking, and storage which provides reliable performance. The OpenStack platform will accept all integrations and the operating system […]

Configuring OpenSSL for OpenStack Horizon

Create a Self-Signed certificates’s keyfile and certificate file using Following OpenSSL command, sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout  /etc/ssl/client.key -out /etc/ssl/client.crt  The above command generates client.key file and client.crt file  Configuring SSL in /etc/apache2/sites-available/default-ssl.conf Now Horizon will work with both http and https, so the http traffic should be redirected as https, this will be enabled by adding Redirect / https:// {domain or […]

Adding Self-Signed Certificate for Nova and Neutron API Service endpoints

Configuring Self-Signed Certificate for Nova API Service endpoints  Update /etc/nova/nova.conf  [DEFAULT]  ssl_only = True    cert = /etc/ssl/client.pem  key = /etc/ssl/client-key.pem  enabled_ssl_apis = osapi_compute,metadata  [glance]  api_servers = https://controller:9292  certfile = /etc/ssl/client.pem  keyfile = /etc/ssl/client-key.pem  insecure = true  [keystone_authtoken]  auth_uri = https://controller:5000  auth_url = https://controller:35357  certfile = /etc/ssl/client.pem  keyfile = /etc/ssl/client-key.pem  insecure = true  The Placement API service endpoints also should be configured with Self-Signed certificate for nova.  In /etc/apache2/sites-available/ location nova-placement-api.conf will be available,this file is used to configure Self-Signed […]

Adding Self-Signed Certificate for Keystone and Glance API Service endpoints

1.Generating Self-Signed Certificates  Enable ssl by typing this command sudo a2enmod ssl  Enabling ssl requires the apache2 service should be restarted, so restart apache by using this command service apache2 restart  Create a directory for the Self-Signed certificate by using sudo mkdir /etc/ssl  Generate Self-Signed Certificate by using the below command sudo openssl req -x509 -nodes -days 365 –newkey rsa:2048 –keyout  /etc/ssl/client.key -out /etc/ssl/client.crt              The above command generates client.key file and client.crt file   Convert the generated files into pem format by […]

Begin typing your search term above and press enter to search. Press ESC to cancel.

Back To Top