Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openstack/horizon/files/openstack-dashboard-tls.conf
author Drew Fisher <drew.fisher@oracle.com>
Wed, 15 Oct 2014 15:19:07 -0600
changeset 2152 1cea7a430dd7
parent 1765 dabcbc66ca36
child 3998 5bd484384122
permissions -rw-r--r--
19825273 horizon default config should disable SSL 2 & 3
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1760
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset 
     1
 
<IfDefine 64bit>
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset 
     2
 
    LoadModule wsgi_module libexec/64/mod_wsgi-2.6.so
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset 
     3
 
</IfDefine>
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset 
     4
 
<IfDefine !64bit>
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset 
     5
 
    LoadModule wsgi_module libexec/mod_wsgi-2.6.so
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset 
     6
 
</IfDefine>
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset 
     7
 












353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




     8


#













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




     9


# Enable Solaris Cryptographic Framework













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    10


#













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    11


SSLCryptoDevice pkcs11













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    12









1765






dabcbc66ca36
18419287 Horizon's Apache fragment causes svc:/network/http:apache22 to error



Drew Fisher <drew.fisher@oracle.com>


parents: 
1760

diff
changeset




    13


<VirtualHost *:80>













dabcbc66ca36
18419287 Horizon's Apache fragment causes svc:/network/http:apache22 to error



Drew Fisher <drew.fisher@oracle.com>


parents: 
1760

diff
changeset




    14


    RedirectPermanent /horizon https://openstack.example.com/horizon













dabcbc66ca36
18419287 Horizon's Apache fragment causes svc:/network/http:apache22 to error



Drew Fisher <drew.fisher@oracle.com>


parents: 
1760

diff
changeset




    15


</VirtualHost>








1760






353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    16














353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    17


Listen 443













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    18














353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    19


<VirtualHost *:443>








1765






dabcbc66ca36
18419287 Horizon's Apache fragment causes svc:/network/http:apache22 to error



Drew Fisher <drew.fisher@oracle.com>


parents: 
1760

diff
changeset




    20


    ServerName openstack.example.com








1760






353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    21














353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    22


    SSLEngine On








2152






1cea7a430dd7
19825273 horizon default config should disable SSL 2 & 3



Drew Fisher <drew.fisher@oracle.com>


parents: 
1765

diff
changeset




    23














1cea7a430dd7
19825273 horizon default config should disable SSL 2 & 3



Drew Fisher <drew.fisher@oracle.com>


parents: 
1765

diff
changeset




    24


    # Disable the known insecure SSLv2 & SSLv3 protocols













1cea7a430dd7
19825273 horizon default config should disable SSL 2 & 3



Drew Fisher <drew.fisher@oracle.com>


parents: 
1765

diff
changeset




    25


    SSLProtocol all -SSLv2 -SSLv3













1cea7a430dd7
19825273 horizon default config should disable SSL 2 & 3



Drew Fisher <drew.fisher@oracle.com>


parents: 
1765

diff
changeset




    26









1760






353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    27


    #













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    28


    # For an overview on SSL with Apache see:













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    29


    #    http://httpd.apache.org/docs/2.2/ssl/ssl_howto.html













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    30


    # For examples on how to configure certificates and keys see:













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    31


    #    http://www.akadia.com/services/ssh_test_certificate.html













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    32


    #








1765






dabcbc66ca36
18419287 Horizon's Apache fragment causes svc:/network/http:apache22 to error



Drew Fisher <drew.fisher@oracle.com>


parents: 
1760

diff
changeset




    33


    SSLCertificateFile /path/to/Server_PEM-encoded_X.509_Certificate_file













dabcbc66ca36
18419287 Horizon's Apache fragment causes svc:/network/http:apache22 to error



Drew Fisher <drew.fisher@oracle.com>


parents: 
1760

diff
changeset




    34


    SSLCACertificateFile /path/to/Concatenated_PEM-encoded_CA_Certificates













dabcbc66ca36
18419287 Horizon's Apache fragment causes svc:/network/http:apache22 to error



Drew Fisher <drew.fisher@oracle.com>


parents: 
1760

diff
changeset




    35


    SSLCertificateKeyFile /path/to/Server_PEM-encoded_Private_Key_file








1760






353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    36














353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    37


    WSGIScriptAlias /horizon \













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    38


        /usr/lib/python2.6/vendor-packages/openstack_dashboard/wsgi/django.wsgi













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    39


    WSGIDaemonProcess horizon user=webservd group=webservd processes=3 \













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    40


        threads=10













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    41














353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    42


    Alias /static /var/lib/openstack_dashboard/static/













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    43














353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    44


    <Directory /usr/lib/python2.6/vendor-packages/openstack_dashboard/wsgi>













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    45


        Order allow,deny













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    46


        Allow from all













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    47


    </Directory>













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    48














353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    49


    <Directory /var/lib/openstack_dashboard/static>













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    50


        Order allow,deny













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    51


        Allow from all













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    52


    </Directory>













353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)



Drew Fisher <drew.fisher@oracle.com>


parents: 

diff
changeset




    53


</VirtualHost>















upstream/oracle/userland-gate