OpenStack Glance Charm

  1. Bug #1711360
  2. Comment #12

Comment 12 for bug 1711360

Revision history for this message
Nobuto Murata (nobuto) wrote :

The result with rev. 259.

# ll /etc/apache2/ssl/glance/
total 16
dr-xr-xr-x 2 root root 4096 Oct 12 12:48 ./
dr-xr-xr-x 3 root root 4096 Oct 12 12:48 ../
-r--r--r-- 1 root root 1017 Oct 12 12:48 cert_glance.example.com
-r--r--r-- 1 root root 1704 Oct 12 12:48 key_glance.example.com

[/etc/apache2/sites-enabled/openstack_https_frontend.conf]
Listen 9282
<VirtualHost 192.168.151.126:9282>
    ServerName glance.example.com
    SSLEngine on
    SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2
    SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM
    SSLCertificateFile /etc/apache2/ssl/glance/cert_glance.example.com
    # See LP 1484489 - this is to support <= 2.4.7 and >= 2.4.8
    SSLCertificateChainFile /etc/apache2/ssl/glance/cert_glance.example.com
    SSLCertificateKeyFile /etc/apache2/ssl/glance/key_glance.example.com
    ProxyPass / http://localhost:9272/
    ProxyPassReverse / http://localhost:9272/
    ProxyPreserveHost on
    RequestHeader set X-Forwarded-Proto "https"
</VirtualHost>
<VirtualHost 192.168.152.122:9282>
    ServerName glance.example.com
    SSLEngine on
    SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2
    SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM
    SSLCertificateFile /etc/apache2/ssl/glance/cert_glance.example.com
    # See LP 1484489 - this is to support <= 2.4.7 and >= 2.4.8
    SSLCertificateChainFile /etc/apache2/ssl/glance/cert_glance.example.com
    SSLCertificateKeyFile /etc/apache2/ssl/glance/key_glance.example.com
    ProxyPass / http://localhost:9272/
    ProxyPassReverse / http://localhost:9272/
    ProxyPreserveHost on
    RequestHeader set X-Forwarded-Proto "https"
</VirtualHost>
<Proxy *>
    Order deny,allow
    Allow from all
</Proxy>
<Location />
    Order allow,deny
    Allow from all
</Location>