Home / OpenStack

Setting up SSL access-Openstack

Rating: 5.0Blog-star
Views: 2965
by Ravindra Savaram
Last modified: February 3rd 2021

You can configure the dashboard for a simple HTTP deployment.
You can configure the dashboard for a secured HTTPS deployment. While the standard installation uses a non-encrypted HTTP channel, you can enable SSL support for the dashboard.
Setting up SSL access provides secure access between the client and our OpenStack Object Storage environment. It is exactly the same way in which SSL provides secure access to any other web service. To do this, we configure our proxy server with SSL certificates.

Configuring OpenStack Object Storage to use SSL 

To begin with, log in to our swift server.

To gain in-depth knowledge and be on par with practical experience, then explore  OpenStack Training course.


Configuration of OpenStack Object Storage to secure communication between the client and the proxy server is done as follows:

1. In order to provide SSL access to our proxy server, we first create the certificates, as follows:
 cd /etc/swift
 sudo openssl req -new -x509 -nodes -out cert.crt -keyout cert.key

2. We need to answer the following questions that the certificate process asks us:

Generating a 1024 bit RSA

3. Once created, we can configure our proxy server to use the certificate and key by
 editing the /etc/swift/proxy-server.conf file:
 bind_port = 443
 cert_file = /etc/swift/cert.crt key_file = /etc/swift/cert.key

4. With this in place, we can restart the proxy server, using the swift-init command, to pick up the change:
sudo swift-init proxy-server restart


Explore OpenStack Sample Resumes! Download & Edit, Get Noticed by Top Employers!  Download Now!


Setting up SSL Access

Configuring OpenStack Object Storage to use SSL involves configuring the proxy server to use SSL. We first configure a self-signed certificate using the openssl command, which asks for various fields to be filled in. An important field is the Common Name field. Put in the fully qualified domain name (FQDN hostname) or IP address that you would use to connect to the Swift server.
Once that has been done, we specify the port, that we want our proxy server to listen on. As we are configuring an SSL HTTPS connection, we will use the standard TCP port 443 that HTTPS defaults to. We also specify the certificate and key that was created in the first step, so when a request is made, this information is presented to the end user to allow secure data transfer.
With this in place, we then restart our proxy server to listen on port 443.


Related Pages:
Openstack Tutorial

Interview Questions:
Openstack Interview Questions



About Author

NameRavindra Savaram
Author Bio


Ravindra Savaram is a Content Lead at Mindmajix.com. His passion lies in writing articles on the most popular IT platforms including Machine learning, DevOps, Data Science, Artificial Intelligence, RPA, Deep Learning, and so on. You can stay up to date on all these technologies by following him on LinkedIn and Twitter.