Setting up SSL access provides secure access between the client and our OpenStack Object Storage environment in exactly the same way SSL provides secure access to any other web service. To do this, we configure our proxy server with SSL certificates.
Configuration of OpenStack Object Storage to secure communication between the client and the proxy server is done as follows:
In order to provide SSL access to our proxy server, we first create the certificates, as follows:
cd /etc/swift sudo openssl req -new -x509 -nodes -out cert.crt -keyout cert.key
We need to answer the following questions that the certificate process asks us:
Once created, we configure our proxy server to use the certificate and key by editing the
/etc/swift/proxy-server.conf
file:bind_port = 443 cert_file = /etc/swift/cert.crt key_file = /etc/swift/cert.key
With this in place, we can restart the proxy server, using the
swift-init
command...