I pointed my consoleproxy vm to the domain in my nginx proxy as well so it’s working as intended including websockets.
— Travis > On May 18, 2022, at 5:15 PM, Nux <[email protected]> wrote: > > Terminating SSL in another web server is certainly something that can be > done, many prefer it this way, however this will not enable SSL for the > console proxy VM.. So all your web consoles will go over regular HTTP. > > --- > Nux > www.nux.ro > > On 2022-05-18 10:09, Travis Romero wrote: >> I actually didn’t went with my initial approach. I just handled all >> SSL in nginx and terminated there. As for local ISO upload, I found >> the secstorage ssl domain config and pointed it to my nginx proxy and >> seems to work fine. >> Thanks for the inputs. >> — >> Travis >>> On May 18, 2022, at 3:39 PM, Nux <[email protected]> wrote: >>> You should be able to run certbot on the management server for example, or >>> anywhere else really (if you go for the wildcard) and then once you get >>> your certificate files to install them in your Cloudstack via cloudmonkey. >>> You can check this article for an example: >>> https://www.shapeblue.com/securing-cloudstack-4-11-with-https-tls/ >>> (search for cloudmonkey upload customcertificate) >>> --- >>> Nux >>> www.nux.ro >>> On 2022-05-17 22:26, Ricardo Pertuz wrote: >>>> Is there anyway to automate this with certbot or similar? >>>> On 16/05/22, 9:44 AM, "Wei ZHOU" <[email protected]> wrote: >>>> Hi Travis, >>>> Please try the following: >>>> Root certificate: chain.pem >>>> Server certificate: cert.pem >>>> Private certificate: privkey.pem >>>> -Wei >>>> On Monday, 16 May 2022, Travis Romero <[email protected]> >>>> wrote: >>>> > Hi, >>>> > >>>> > I have a valid SSL cert from letsencrypt for my domain and I wanted to >>>> use >>>> > as the SSL cert for my Cloudstack ( in Infrastructure -> Summary -> SSL >>>> > Cert). Which file is which? I have the following files from >>>> letsencrypt: >>>> > cert.pem, chain.pem, fullchain.pem, privkey.pem. Which should I use for >>>> > Root certificate, Server certificate, PKCS#8 Private certificate. >>>> > >>>> > — >>>> > Travis >>>> > >>>> >
