
<html>

  <head>

    <meta content="text/html; charset=ISO-8859-1"

      http-equiv="Content-Type">

  </head>

  <body bgcolor="#FFFFFF" text="#000000">

    <div class="moz-cite-prefix">On 11/13/2013 08:59 PM, Hassan Shaik

      wrote:<br>

    </div>

    <blockquote

cite="mid:CAGNe0D2WHhmU=--0DX2eUjTA7H2chMON+GvHMc_iCgTTbLnrbQ@mail.gmail.com"

      type="cite">

      <div dir="ltr">Hello Openstack security experts,

        <div><br>

        </div>

        <div>I am trying to enable SSL/HTTPS in openstack REST API for

          all services (nova/glance endpoint URL). However, I see the

          documentation to enable SSL on keystone service alone.</div>

        <div><br>

        </div>

        <div><a moz-do-not-send="true"

href="http://docs.openstack.org/grizzly/openstack-compute/admin/content//keystone-ssl.html">http://docs.openstack.org/grizzly/openstack-compute/admin/content//keystone-ssl.html</a><br>

        </div>

        <div><a moz-do-not-send="true"

            href="http://docs.openstack.org/developer/keystone/configuration.html">http://docs.openstack.org/developer/keystone/configuration.html</a><br>

        </div>

        <div><br>

        </div>

        <div>1. Am I missing something? Is SSL/HTTPS supported for

          nova/glance API too?</div>

      </div>

    </blockquote>

<a class="moz-txt-link-freetext" href="http://andymc-stack.co.uk/2013/07/apache2-mod_wsgi-openstack-pt-2-nova-api-os-compute-nova-api-ec2/">http://andymc-stack.co.uk/2013/07/apache2-mod_wsgi-openstack-pt-2-nova-api-os-compute-nova-api-ec2/</a><br>

<a class="moz-txt-link-freetext" href="http://andymc-stack.co.uk/2013/07/apache2-mod_wsgi-openstack-pt-3-glance-api-glance-registry/#comment-23">http://andymc-stack.co.uk/2013/07/apache2-mod_wsgi-openstack-pt-3-glance-api-glance-registry/#comment-23</a><br>

    <br>

    People have suggested that the glance one is broken, and comes up

    Read Only.  I suspect SELinux issues there<br>

    <br>

    <blockquote

cite="mid:CAGNe0D2WHhmU=--0DX2eUjTA7H2chMON+GvHMc_iCgTTbLnrbQ@mail.gmail.com"

      type="cite">

      <div dir="ltr">

        <div>2. Also, when I try to enable SSL in keystone service, all

          nova/glance CLI fail to work after the change. And, the debug

          shows it is trying to make use of http even after enabling

          SSL.</div>

        <div><br>

        </div>

        <div>

          <div># nova --debug list</div>

          <div><br>

          </div>

          <div>REQ: curl -i <b>http</b>://openstack-ip:5000/v2.0/tokens

            -X POST -H "Content-Type: application/json" -H "Accept:

            application/json" -H "User-Agent: python-novaclient" -d

            '{"auth": {"tenantName": "admin", "passwordCredentials":

            {"username": "admin", "password": "admin_pass"}}}'</div>

        </div>

      </div>

    </blockquote>

    <br>

    Need to set the Auth endpoint to https when registering it with

    Keystone.<br>

    <blockquote

cite="mid:CAGNe0D2WHhmU=--0DX2eUjTA7H2chMON+GvHMc_iCgTTbLnrbQ@mail.gmail.com"

      type="cite">

      <div dir="ltr">

        <div>

          <div><br>

          </div>

          <div>Appreciate your help.</div>

          <div><br>

          </div>

          <div>Thanks,<br>

            Hassan</div>

        </div>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

Openstack-security mailing list

<a class="moz-txt-link-abbreviated" href="mailto:Openstack-security@lists.openstack.org">Openstack-security@lists.openstack.org</a>

<a class="moz-txt-link-freetext" href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security</a>

</pre>

    </blockquote>

    <br>

  </body>

</html>