...
| Mermaid | ||||||
|---|---|---|---|---|---|---|
| ||||||
{"diagramDefinition":"flowchart LR\nA--HTTP-->P(RemoteServices)\nsubgraph Abiquo Platform \n A\n P\nend\nX(Cloud User)<--HTTPS-->P\nX(Cloud User)--HTTPS-->A(Abiquo Server)\nY(Remote RS)--HTTPS-->A\nX(Cloud User)<--HTTPS-->Y\n style A fill:#ec9032,stroke:#666,stroke-width:2px,color:#fff\n style P fill:#ec9032,stroke:#666,stroke-width:2px,color:#fff\n style Y fill:#ec9032,stroke:#666,stroke-width:2px,color:#fff"} |
TLS for distributed scalable server
For the distributed scalable server, we recommend that you configure the communications for the API to the remote services with TLS. This also means that you have the configuration to upload and download templates.
To use TLS between the API and remote services, configure the following certificates:
API server cacerts → RS certificate
RS server .jks keystore → RS and API certificates
RS server cacerts → RS and API certificates
...
Abiquo UI certificates
The server OVA has a self-signed certificate called abiquo.crt that you can find in this folder /etc/pki/tls/certs.
...
Configure TLS for remote services
If you have remote RS servers (which means remote services in a different location) or to allow users to upload and download templates, or to improve security, configure the communications between the Abiquo Server and the Remote services servers using TLS.To use TLS between the API and remote services, configure the following certificates:
API server cacerts → RS certificate
RS server .jks keystore → RS and API certificates
RS server cacerts → RS and API certificates
...
1. Add certificates to cacerts on the Remote services server
...