You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cloudstack.apache.org by Granwille Strauss <gr...@namhost.com.INVALID> on 2022/12/02 13:58:38 UTC

Re: Redirect HTTP 8080 to HTTPS 8443 on Cloudstack 4.17.1.0

Hi Guys

Would like to follow up on this any ideas?

On 11/18/22 16:47, David Larsen wrote:
> Hi
>
> We are using Cloudstack 4.17.1.0.
> Https://host.domain.com:8443  works fine.
>
> I followed to steps below to redirect http 8080 to https 8443 with no luck....
> Is there another way to do this in 4.17.1.0?
> Hope so... :-)
>
> ------------
>
> For auto redirection from 8080 to 8443, Add below content in '/usr/share/cloudstack-management/webapp/WEB-INF/web.xml' file at line 22
> <security-constraint>
>
> <web-resource-collection>
>
> <web-resource-name>Everything in the webapp</web-resource-name>
>
> <url-pattern>/*</url-pattern>
>
> </web-resource-collection>
>
> <user-data-constraint>
>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>
> </user-data-constraint>
>
> </security-constraint>
>
>
> <Call name="addConnector">
>
> <Arg>
>
> <New class="org.eclipse.jetty.nio.SelectChannelConnector">
>
> ...
>
> <Set name="confidentialPort">8443</Set>
>
> </New>
>
> </Arg>
>
> </Call>
> Restart the management service
> systemctl restart cloudstack-management
>
>
> Best regards
> David Larsen
>
-- 
Regards / Groete

<https://www.namhost.com> 	Granwille Strauss  // Senior Systems Admin

*e:* granwille@namhost.com
*m:* +264 81 323 1260 <tel:+264813231260>
*w:* www.namhost.com <https://www.namhost.com/>

<https://www.facebook.com/namhost><https://twitter.com/namhost><https://www.instagram.com/namhostinternetservices/><https://www.linkedin.com/company/namhos><https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA>

<https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner>

Namhost Internet Services (Pty) Ltd,

24 Black Eagle Rd, Hermanus, 7210, RSA



The content of this message is confidential. If you have received it by 
mistake, please inform us by email reply and then delete the message. It 
is forbidden to copy, forward, or in any way reveal the contents of this 
message to anyone without our explicit consent. The integrity and 
security of this email cannot be guaranteed over the Internet. 
Therefore, the sender will not be held liable for any damage caused by 
the message. For our full privacy policy and disclaimers, please go to 
https://www.namhost.com/privacy-policy

Powered by AdSigner 
<https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818>

Re: Redirect HTTP 8080 to HTTPS 8443 on Cloudstack 4.17.1.0

Posted by Darren Cole <dc...@aseg.com.INVALID>.

At one point I tried using Cloudstack for terminating the SSL, but have since switched to Apache because that is easier. 
Apache handles SSL termination and proxies the 443 connection to Cloudstack localhost 8080. 
I have Cloudstack only binding 8080 to localhost, so it is not accessible except over SSL. 

I have not gotten around to configuring the console access to work. 
Both clusters I've run are very much testing only side projects. 

Darren 
-- 
This e-mail is confidential. Any distribution, use or copying of this e-mail or the information it contains other than by the intended recipient is forbidden. If you are not the intended recipient, please advise the sender (by return e-mail or otherwise) immediately and delete this e-mail. 


From: "Nux" <nu...@li.nux.ro> 
To: "users" <us...@cloudstack.apache.org> 
Sent: Monday, December 5, 2022 5:36:09 AM 
Subject: Re: Redirect HTTP 8080 to HTTPS 8443 on Cloudstack 4.17.1.0 



I never bothered to do this in Cloudstack, I always used Apache to terminate SSL and do proxy requests, you can of course use any other web servers for this (nginx, lighttpd). 
--- 
Nux 
[ http://www.nux.ro/ | www.nux.ro ] 





On 2022-12-02 13:58, Granwille Strauss wrote: 




Hi Guys 

Would like to follow up on this any ideas? 
On 11/18/22 16:47, David Larsen wrote: 

BQ_BEGIN

Hi

We are using Cloudstack 4.17.1.0. [ https://host.domain.com:8443/ | Https://host.domain.com:8443 ] works fine.

I followed to steps below to redirect http 8080 to https 8443 with no luck....
Is there another way to do this in 4.17.1.0?
Hope so... :-)

------------

For auto redirection from 8080 to 8443, Add below content in '/usr/share/cloudstack-management/webapp/WEB-INF/web.xml' file at line 22
<security-constraint>

<web-resource-collection>

<web-resource-name>Everything in the webapp</web-resource-name>

<url-pattern>/*</url-pattern>

</web-resource-collection>

<user-data-constraint>

<transport-guarantee>CONFIDENTIAL</transport-guarantee>

</user-data-constraint>

</security-constraint>


<Call name="addConnector">

<Arg>

<New class="org.eclipse.jetty.nio.SelectChannelConnector">

...

<Set name="confidentialPort">8443</Set>

</New>

</Arg>

</Call>
Restart the management service
systemctl restart cloudstack-management


Best regards
David Larsen 



-- 
Regards / Groete 


[ https://www.namhost.com/ ] 	Granwille Strauss // Senior Systems Admin 

e: [ mailto:granwille@namhost.com | granwille@namhost.com ] 
m: +264 81 323 1260 
w: [ https://www.namhost.com/ | www.namhost.com ] 

[ https://www.facebook.com/namhost ] [ https://twitter.com/namhost ] [ https://www.instagram.com/namhostinternetservices/ ] [ https://www.linkedin.com/company/namhos ] [ https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA ] 

[ https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner ] 


Namhost Internet Services (Pty) Ltd , 
24 Black Eagle Rd, Hermanus, 7210, RSA 


The content of this message is confidential. If you have received it by mistake, please inform us by email reply and then delete the message. It is forbidden to copy, forward, or in any way reveal the contents of this message to anyone without our explicit consent. The integrity and security of this email cannot be guaranteed over the Internet. Therefore, the sender will not be held liable for any damage caused by the message. For our full privacy policy and disclaimers, please go to [ https://www.namhost.com/privacy-policy | https://www.namhost.com/privacy-policy ] 
[ https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818 ] 

BQ_END

Re: Redirect HTTP 8080 to HTTPS 8443 on Cloudstack 4.17.1.0

Posted by Nux <nu...@li.nux.ro>.


I never bothered to do this in Cloudstack, I always used Apache to 
terminate SSL and do proxy requests, you can of course use any other web 
servers for this (nginx, lighttpd).

---
Nux
www.nux.ro [11]

On 2022-12-02 13:58, Granwille Strauss wrote:

> Hi Guys
> 
> Would like to follow up on this any ideas?
> 
> On 11/18/22 16:47, David Larsen wrote:
> 
>> Hi
>> 
>> We are using Cloudstack 4.17.1.0.
>> Https://host.domain.com:8443 works fine.
>> 
>> I followed to steps below to redirect http 8080 to https 8443 with no 
>> luck....
>> Is there another way to do this in 4.17.1.0?
>> Hope so... :-)
>> 
>> ------------
>> 
>> For auto redirection from 8080 to 8443, Add below content in 
>> '/usr/share/cloudstack-management/webapp/WEB-INF/web.xml' file at line 
>> 22
>> <security-constraint>
>> 
>> <web-resource-collection>
>> 
>> <web-resource-name>Everything in the webapp</web-resource-name>
>> 
>> <url-pattern>/*</url-pattern>
>> 
>> </web-resource-collection>
>> 
>> <user-data-constraint>
>> 
>> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>> 
>> </user-data-constraint>
>> 
>> </security-constraint>
>> 
>> <Call name="addConnector">
>> 
>> <Arg>
>> 
>> <New class="org.eclipse.jetty.nio.SelectChannelConnector">
>> 
>> ...
>> 
>> <Set name="confidentialPort">8443</Set>
>> 
>> </New>
>> 
>> </Arg>
>> 
>> </Call>
>> Restart the management service
>> systemctl restart cloudstack-management
>> 
>> Best regards
>> David Larsen
> 
> --
> 
> Regards / Groete
> 
> [1]
> Granwille Strauss  //  Senior Systems Admin
> 
> e: granwille@namhost.com
> m: +264 81 323 1260 [2]
> w: www.namhost.com [3]
> 
> [4] [5] [6] [7] [8]
> 
> [9]
> 
> Namhost Internet Services (Pty) Ltd,
> 
> 24 Black Eagle Rd, Hermanus, 7210, RSA
> 
> The content of this message is confidential. If you have received it by 
> mistake, please inform us by email reply and then delete the message. 
> It is forbidden to copy, forward, or in any way reveal the contents of 
> this message to anyone without our explicit consent. The integrity and 
> security of this email cannot be guaranteed over the Internet. 
> Therefore, the sender will not be held liable for any damage caused by 
> the message. For our full privacy policy and disclaimers, please go to 
> https://www.namhost.com/privacy-policy
> 
> [10]


Links:
------
[1] https://www.namhost.com
[2] tel:+264813231260
[3] https://www.namhost.com/
[4] https://www.facebook.com/namhost
[5] https://twitter.com/namhost
[6] https://www.instagram.com/namhostinternetservices/
[7] https://www.linkedin.com/company/namhos
[8] https://www.youtube.com/channel/UCTd5v-kVPaic_dguGur15AA
[9] 
https://www.adsigner.com/v1/l/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818/banner
[10] 
https://www.adsigner.com/v1/c/631091998d4670001fe43ec2/621c9b76c140bb001ed0f818
[11] http://www.nux.ro