From fe44cd3199f4328388e6968735af01ef9ae7311f Mon Sep 17 00:00:00 2001 From: Nilamdyuti Goswami Date: Fri, 26 Dec 2014 19:58:57 +0530 Subject: [PATCH] doc: Updates information for SSL configuration in Ceph Object Gateway installation. Signed-off-by: Nilamdyuti Goswami --- doc/install/install-ceph-gateway.rst | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/doc/install/install-ceph-gateway.rst b/doc/install/install-ceph-gateway.rst index a1c1799bea8..1be05349493 100644 --- a/doc/install/install-ceph-gateway.rst +++ b/doc/install/install-ceph-gateway.rst @@ -271,15 +271,36 @@ To enable SSL for RPM-based systems, execute the following steps: sudo yum install mod_ssl openssl -#. Ensure the SSL module is enabled. +#. Generate private key. :: -#. Generate a certificate and copy it to the appropriate locations. :: + openssl genrsa -out ca.key 2048 + +#. Generate CSR. :: + + openssl req -new -key ca.key -out ca.csr + +#. Generate a certificate. :: openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt + +#. Copy the files to appropriate locations. :: + cp ca.crt /etc/pki/tls/certs cp ca.key /etc/pki/tls/private/ca.key cp ca.csr /etc/pki/tls/private/ca.csr +#. Update the Apache SSL configuration file ``/etc/httpd/conf.d/ssl.conf``. + + Give the correct location of ``SSLCertificateFile``. :: + + SSLCertificateFile /etc/pki/tls/certs/ca.crt + + Give the correct location of ``SSLCertificateKeyFile``. :: + + SSLCertificateKeyFile /etc/pki/tls/private/ca.key + + Save the changes. + #. Restart Apache. :: sudo /etc/init.d/httpd restart -- 2.47.3