[ovirt-users] Ovirt SSL Question

Sahina Bose sabose at redhat.com
Thu Aug 14 10:53:29 UTC 2014


On 08/14/2014 03:07 PM, Punit Dambiwal wrote:
> Hi All,
>
> Is there any one can help me to solve this issue..


Look for details at http://www.ovirt.org/Features/PKI 
(User--SSL-->apache--AJP-->ovirt-engine), that may help you.

>
> Thanks,
> Punit
>
>
> On Wed, Aug 13, 2014 at 9:53 AM, Punit Dambiwal <hypunit at gmail.com 
> <mailto:hypunit at gmail.com>> wrote:
>
>     Hi All,
>
>     I have one question regarding the SSL settings in Ovirt....let me
>     explain my environment first :-
>
>     1. Ovirt engine :- mgmt.3linux.com <http://mgmt.3linux.com>
>     2. Standalone websocket proxy :- web-proxy.3linux.com
>     <http://web-proxy.3linux.com>
>     3. Our Own Portal :- portal.3linux.com <http://portal.3linux.com>
>
>     We have the above architecture...we fetch the VM console from the
>     websocket proxy to our own portal through API....because still we
>     are using selfsigned certificate...we need to trust the
>     certificate every time,whenever we open the VM console...
>     (https://<web-proxy.3linux.com <http://web-proxy.3linux.com>>:<port>)
>
>     When we initiate the VM console through our own web portal the url
>      (https://portal.3linux.com/content/ovirt/noVNC/vm-console.php?id=6e0caf73-ae7d-493e-a51d-ecc32f507f00),if
>     we accept the SSL certificate with https://<web-proxy.3linux.com
>     <http://web-proxy.3linux.com>>:<port> ....then it will open as
>     expected but if we didn't accept the certificate manually...then
>     it through failed to connect:1006 error...
>
>     We don't want that every time end user will accept the certificate
>     manually...as our link to open VM console is different then
>     webproxy....
>
>     Now we want to replace the self signed certificate with valid
>     SSL....can any one tell me where we need to put the certificates
>     and how to generate the CSR for them and how many SSL we need to
>     purchase to make this thing workable without accepting the
>     certificate everytime....
>
>     Thanks,
>     Punit
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20140814/79c8fa7f/attachment-0001.html>


More information about the Users mailing list