From: Nilamdyuti Goswami <ngoswami@redhat.com>
Date: Fri, 26 Dec 2014 14:28:57 +0000 (+0530)
Subject: doc: Updates information for SSL configuration in Ceph Object Gateway installation.
X-Git-Tag: v0.92~90^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=fe44cd3199f4328388e6968735af01ef9ae7311f;p=ceph.git

doc: Updates information for SSL configuration in Ceph Object Gateway installation.

Signed-off-by: Nilamdyuti Goswami <ngoswami@redhat.com>
---

diff --git a/doc/install/install-ceph-gateway.rst b/doc/install/install-ceph-gateway.rst
index a1c1799bea8..1be05349493 100644
--- a/doc/install/install-ceph-gateway.rst
+++ b/doc/install/install-ceph-gateway.rst
@@ -271,15 +271,36 @@ To enable SSL for RPM-based systems, execute the following steps:
 
 	sudo yum install mod_ssl openssl
 
-#. Ensure the SSL module is enabled.
+#. Generate private key. ::
 
-#. Generate a certificate and copy it to the appropriate locations. ::
+	openssl genrsa -out ca.key 2048
+
+#. Generate CSR. ::
+
+	openssl req -new -key ca.key -out ca.csr
+
+#. Generate a certificate. ::
 
 	openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
+
+#. Copy the files to appropriate locations. ::
+
 	cp ca.crt /etc/pki/tls/certs
 	cp ca.key /etc/pki/tls/private/ca.key
 	cp ca.csr /etc/pki/tls/private/ca.csr
 
+#. Update the Apache SSL configuration file ``/etc/httpd/conf.d/ssl.conf``.
+
+	Give the correct location of ``SSLCertificateFile``. ::
+
+		SSLCertificateFile /etc/pki/tls/certs/ca.crt
+
+	Give the correct location of ``SSLCertificateKeyFile``. ::
+
+		SSLCertificateKeyFile /etc/pki/tls/private/ca.key
+
+	Save the changes.
+
 #. Restart Apache. ::
 
 	sudo /etc/init.d/httpd restart