Configuring OpenSSL for OpenStack Horizon

Create a Self-Signed certificates’s keyfile and certificate file using Following OpenSSL command,

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout  /etc/ssl/client.key -out /etc/ssl/client.crt

 The above command generates client.key file and client.crt file 

Configuring SSL in /etc/apache2/sites-available/default-ssl.conf

  • Now Horizon will work with both http and https, so the http traffic should be redirected as https, this will be enabled by adding Redirect / https:// {domain or host ip}  this line in /etc/apache2/sites-availble/000-default.conf. 
  • Then create a .htaccess file like below mentioned in /var/www/html

RewriteEngine On 

RewriteCond %{HTTPS}  !=on 

RewriteRule ^/?(.*) https://%{domain or host ip}/$1 [R,L]

Add OPENSTACK_SSL_NO_VERIFY = True line in /etc/openstack-dashboard/ for skip the verification for self-signed certificate

Then Restart the apache Service by using service apache2 restart command.

Now the openSSL configured for horizon…