配置OpenStack dashboard使用HTTPS

..
声明：
本博客欢迎转发，但请保留原作者信息!
博客地址：http://blog.csdn.net/liujiong63
新浪微博：@Jeremy____Liu
内容系本人学习、研究和总结，如有雷同，实属荣幸！

---

环境说明：centos7.2.1511

准备证书及私钥文件

要注意生成证书时输入的Common Name要能匹配dashboard的域名。

安装mod_ssl

yum -y install mod_ssl

修改httpd中dashboard的配置

修改/etc/httpd/conf.d/openstack-dashboard.conf，内容如下

<VirtualHost *:80>  ## Force redirect to SSL website  RewriteEngine On  RewriteCond %{HTTPS} !on  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]</VirtualHost><VirtualHost *:443>  <Directory /usr/share/openstack-dashboard/openstack_dashboard/wsgi>    Options All    AllowOverride All    Require all granted  </Directory>  <Directory /usr/share/openstack-dashboard/static>    Options All    AllowOverride All    Require all granted  </Directory>  ## Logging  ErrorLog "/var/log/httpd/horizon_error.log"  ServerSignature Off  CustomLog "/var/log/httpd/horizon_access.log" combined  ## RedirectMatch rules  RedirectMatch permanent  ^/$ /dashboard  WSGIDaemonProcess dashboard user=apache group=apache  WSGIProcessGroup dashboard  WSGIScriptAlias /dashboard "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi"  Alias /dashboard/static /usr/share/openstack-dashboard/static  ## SSL Related, replace paths with your own  SSLEngine on  SSLCertificateFile    /etc/ssl/dashboard-cert-key/cert.pem  SSLCertificateKeyFile /etc/ssl/dashboard-cert-key/key.pem</VirtualHost>

注意：此处配置默认将80端口的请求转到443端口

修改httpd中ssl模块的配置

修改/etc/httpd/conf.d/ssl.conf

修改SSLCertificateFile和SSLCertificateKeyFile配置合适的证书/私钥

重启服务

systemctl restart httpd