author | Drew Fisher <drew.fisher@oracle.com> |
Mon, 27 Oct 2014 07:23:02 -0700 | |
branch | s11u2-sru |
changeset 3426 | be0c5ab90457 |
parent 3028 | 5e73a3a3f66a |
child 4072 | db0cec748ec0 |
child 4156 | 4b1def16fe9b |
permissions | -rw-r--r-- |
3028
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
1 |
<IfDefine 64bit> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
2 |
LoadModule wsgi_module libexec/64/mod_wsgi-2.6.so |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
3 |
</IfDefine> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
4 |
<IfDefine !64bit> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
5 |
LoadModule wsgi_module libexec/mod_wsgi-2.6.so |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
6 |
</IfDefine> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
7 |
|
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
8 |
# |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
9 |
# Enable Solaris Cryptographic Framework |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
10 |
# |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
11 |
SSLCryptoDevice pkcs11 |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
12 |
|
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
13 |
<VirtualHost *:80> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
14 |
RedirectPermanent /horizon https://openstack.example.com/horizon |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
15 |
</VirtualHost> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
16 |
|
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
17 |
Listen 443 |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
18 |
|
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
19 |
<VirtualHost *:443> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
20 |
ServerName openstack.example.com |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
21 |
|
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
22 |
SSLEngine On |
3426
be0c5ab90457
19825273 horizon default config should disable SSL 2 & 3
Drew Fisher <drew.fisher@oracle.com>
parents:
3028
diff
changeset
|
23 |
|
be0c5ab90457
19825273 horizon default config should disable SSL 2 & 3
Drew Fisher <drew.fisher@oracle.com>
parents:
3028
diff
changeset
|
24 |
# Disable the known insecure SSLv2 & SSLv3 protocols |
be0c5ab90457
19825273 horizon default config should disable SSL 2 & 3
Drew Fisher <drew.fisher@oracle.com>
parents:
3028
diff
changeset
|
25 |
SSLProtocol all -SSLv2 -SSLv3 |
be0c5ab90457
19825273 horizon default config should disable SSL 2 & 3
Drew Fisher <drew.fisher@oracle.com>
parents:
3028
diff
changeset
|
26 |
|
3028
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
27 |
# |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
28 |
# For an overview on SSL with Apache see: |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
29 |
# http://httpd.apache.org/docs/2.2/ssl/ssl_howto.html |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
30 |
# For examples on how to configure certificates and keys see: |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
31 |
# http://www.akadia.com/services/ssh_test_certificate.html |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
32 |
# |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
33 |
SSLCertificateFile /path/to/Server_PEM-encoded_X.509_Certificate_file |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
34 |
SSLCACertificateFile /path/to/Concatenated_PEM-encoded_CA_Certificates |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
35 |
SSLCertificateKeyFile /path/to/Server_PEM-encoded_Private_Key_file |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
36 |
|
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
37 |
WSGIScriptAlias /horizon \ |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
38 |
/usr/lib/python2.6/vendor-packages/openstack_dashboard/wsgi/django.wsgi |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
39 |
WSGIDaemonProcess horizon user=webservd group=webservd processes=3 \ |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
40 |
threads=10 |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
41 |
|
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
42 |
Alias /static /var/lib/openstack_dashboard/static/ |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
43 |
|
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
44 |
<Directory /usr/lib/python2.6/vendor-packages/openstack_dashboard/wsgi> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
45 |
Order allow,deny |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
46 |
Allow from all |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
47 |
</Directory> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
48 |
|
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
49 |
<Directory /var/lib/openstack_dashboard/static> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
50 |
Order allow,deny |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
51 |
Allow from all |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
52 |
</Directory> |
5e73a3a3f66a
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
53 |
</VirtualHost> |