configuration ssl interface de fog

julio

Bonjour à tous. svp quelqu’un peux me donné une idée de comment je pourrais configuré mon interface web de fog en https. je souhaite configuré du ssl. merci bien

julio

bonjour, pour mettre l’interface web de fog en https, j’ai exécuter le script ./installfog.sh -S mais chose que sur le navigateur je saisi https:// adresse ip/fog/management j’arrive à me loguer mais cela me renvoi le message not secure je veux bien savoir comment mettre en https.

pour tout savoir aussi comment importé mon CA auprès du serveur fog. merci pour vos reponses

Sebastian Roth

@julio Currently you can’t simply import your own CA. This is because different components need to know about the CA making it complicated.

I started writing about this topic in the wiki but never found the time to finish it and get it all nice and easy. So before you start you want to read this carefully and make sure you understand it’s complexity, mainly with the fog-client software.

We won’t be able to guide you through all this step by step.

julio

@sebastian-roth salut roth, stp comment je peux importer ou récupérer /opt/fog/snapins/ssl/CA/.fogCA.pem de mon serveur FOG (par exemple en utilisant WinSCP ou scp) et l’importer dans mon magasin de certificats (navigateur).

sur mon serveur fog j’ai saisi la commande suivante:

sudo scp /opt/fog/snapins/ssl/CA/.fogCA.pem mais rien

julio

@sebastian-roth j’ai oublier de préciser un détail pour importer le certificat: j’ai deux serveur un serveur fog qui est tout en console, et un deuxieme serveur qui est windows serveur j’utilise le navigateur google chrome sur windows serveur mais je ne vois pas comment importer mon CA au niveau de ce navigateur pour valider mon CA

voici une erreur que j’ai quand je me connecte en https

Sebastian Roth

@julio Google Chrome does not have it’s own certificate store. You need to import the .fogCA.pem file into the Windows Certificate store (Trusted Authorities section). Search the web on how to do this.

julio

@sebastian-roth salut roth. j’ai réussi à importer le certificat auprès du serveur mais seulement que cela ne me met pas un cadenas niveau de la barre de recherche. au

Sebastian Roth

@julio The certificate we see in the picture is not generated by FOG I would say (Issued To: Administrateur, Issued By: Administrateur, Expiry Date: 17/11/2120?!?). Did you put that CA certificate file there?

The mentioned path /opt/fog/snapins/ssl/CA/.fogCA.pem is where the FOG installer will generate the CA certificate. It then copies that file to /var/www/html/fog/management/other/ca.cert.pem, where it is used by the Apache webserver. So you might want to compare those two files. Maybe you need to import the later one if you have messed with those files.

Be aware that importing the CA certificate into the Personal key store is probably not going to help. You need to import into Trusted (Root) Certificates section.

julio

@sebastian-roth said in configuration ssl interface de fog:

@julio The certificate we see in the picture is not generated by FOG I would say (Issued To: Administrateur, Issued By: Administrateur, Expiry Date: 17/11/2120?!?). Did you put that CA certificate file there?

The mentioned path /opt/fog/snapins/ssl/CA/.fogCA.pem is where the FOG installer will generate the CA certificate. It then copies that file to /var/www/html/fog/management/other/ca.cert.pem, where it is used by the Apache webserver. So you might want to compare those two files. Maybe you need to import the later one if you have messed with those files.

Be aware that importing the CA certificate into the Personal key store is probably not going to help. You need to import into Trusted (Root) Certificates section.

grand merci roth j’ai reussi à mettre mon navigateur google chrome en https avec le cadenas dessus. ta procédure m’a beaucoup aidé tres grand merci.

julio

@sebastian-roth said in configuration ssl interface de fog:

@julio The certificate we see in the picture is not generated by FOG I would say (Issued To: Administrateur, Issued By: Administrateur, Expiry Date: 17/11/2120?!?). Did you put that CA certificate file there?

The mentioned path /opt/fog/snapins/ssl/CA/.fogCA.pem is where the FOG installer will generate the CA certificate. It then copies that file to /var/www/html/fog/management/other/ca.cert.pem, where it is used by the Apache webserver. So you might want to compare those two files. Maybe you need to import the later one if you have messed with those files.

Be aware that importing the CA certificate into the Personal key store is probably not going to help. You need to import into Trusted (Root) Certificates section.

pour ceux qui sont intéresser suivez les etapes de mr roth.