Archived community.zenoss.org | full text search
Skip navigation
4533 Views 7 Replies Latest reply: Sep 11, 2012 11:34 AM by Ezra Taylor RSS
Ezra Taylor Newbie 2 posts since
Aug 16, 2012
Currently Being Moderated

Aug 16, 2012 12:15 PM

Enabling SSL in Zenoss 4.2

Hello All:

 

             What's the procedure for enabling SSL in Zenoss 4.2?  The doc I have just states to insert the below into my zope.conf file.  Do I install the certs on Apache or inside of Zenoss?  Please point me to the correct docs?  Thanks for all your help.

 

 

 

<cgi-environment>

 

HTTPS ON

 

</cgi-environment>

  • dpetzel Rank: Brown Belt 1,141 posts since
    Oct 17, 2010
    Currently Being Moderated
    1. Aug 16, 2012 10:20 PM (in response to Ezra Taylor)
    Re: Enabling SSL in Zenoss 4.2

    I have not personally done it,but from what I've seen using Apache to fron Zenoss is the general approach. I dont think there is anything unique to core 4 vs previous version. Have a look at docs/DOC-2516

  • ianw1974 Rank: White Belt 52 posts since
    Jul 21, 2009
    Currently Being Moderated
    2. Aug 17, 2012 7:22 AM (in response to Ezra Taylor)
    Re: Enabling SSL in Zenoss 4.2

    I've done it by using the pound reverse proxy, this is probably the easiest method and lighter on memory usage than perhaps with apache or similar.

     

    With pound, you edit the /etc/pound/pound.cfg providing the SSL listener on port 443, generating yourself a certificate for use with pound, and then pointing your server to localhost:8080 for Zenoss - obviously assuming pound is installed on the same server, if elsewhere, exchange localhost for the IP of the system in question.

  • ianw1974 Rank: White Belt 52 posts since
    Jul 21, 2009
    Currently Being Moderated
    3. Aug 17, 2012 7:39 AM (in response to ianw1974)
    Re: Enabling SSL in Zenoss 4.2

    For completeness, my pound.cfg:

     

    ListenHTTPS

        # Your IP of the server here.

        Address x.x.x.x

        Port    443

        Cert    "/etc/pound/zenoss.pem"

     

        Service

            BackEnd

                Address 127.0.0.1

                Port 8080

            End

        End

    End

  • Shane Scott ZenossMaster 1,373 posts since
    Jul 6, 2009
    Currently Being Moderated
    4. Aug 18, 2012 1:41 AM (in response to ianw1974)
    Re: Enabling SSL in Zenoss 4.2

    ianw1974:

     

    I would either use Apache with a reverse proxy for SSL facility (as suggested by Jams) or wait on zenwebserver, a zenpack that provides SSL facility and load balancing across zopes.

     

    Best,

    --Shane Scott (Hackman238)

  • ianw1974 Rank: White Belt 52 posts since
    Jul 21, 2009
    Currently Being Moderated
    5. Aug 20, 2012 10:17 AM (in response to Shane Scott)
    Re: Enabling SSL in Zenoss 4.2

    Sure of course, you could even use squid for a reverse proxy.  The good thing about open source, the choice, however for me apache or squid is a bit overkill for just a bit of redirecting with SSL.

  • zenoR Newbie 4 posts since
    Jul 12, 2011
    Currently Being Moderated
    6. Sep 10, 2012 5:21 PM (in response to Shane Scott)
    Re: Enabling SSL in Zenoss 4.2

    Do you have any further information on this? I having trouble getting SSL to work reliably on my setup....

More Like This

  • Retrieving data ...

Legend

  • Correct Answers - 4 points
  • Helpful Answers - 2 points