From 6bf36c6a6eaa310a33a4e6cf321c2402788ddc35 Mon Sep 17 00:00:00 2001 From: Elisamara Aoki Goncalves Date: Fri, 13 Sep 2024 12:43:13 +0000 Subject: [PATCH] https access update Update documentation regarding enabling HTTPS access. Story: 2009811 Task: 50152 Change-Id: Iee85553a3bb794f645cf0e3233c6adc85ea172d8 Signed-off-by: Elisamara Aoki Goncalves --- ...tarlingx-rest-and-web-server-endpoints.rst | 55 +++---------------- 1 file changed, 8 insertions(+), 47 deletions(-) diff --git a/doc/source/security/kubernetes/enable-https-access-for-starlingx-rest-and-web-server-endpoints.rst b/doc/source/security/kubernetes/enable-https-access-for-starlingx-rest-and-web-server-endpoints.rst index b489a7687..45d303aee 100644 --- a/doc/source/security/kubernetes/enable-https-access-for-starlingx-rest-and-web-server-endpoints.rst +++ b/doc/source/security/kubernetes/enable-https-access-for-starlingx-rest-and-web-server-endpoints.rst @@ -2,9 +2,9 @@ .. byh1570029392020 .. _enable-https-access-for-starlingx-rest-and-web-server-endpoints: -=============================================================== -Enable HTTPS Access for StarlingX REST and Web Server Endpoints -=============================================================== +======================================================== +HTTPS Access for StarlingX REST and Web Server Endpoints +======================================================== When secure HTTPS connectivity is enabled, HTTP is disabled. @@ -22,53 +22,14 @@ When secure HTTPS connectivity is enabled, HTTP is disabled. - You must change the port portion of the Horizon Web interface URL. - For HTTP, use http::8080 - For HTTPS, use https::8443 - You must logout and re-login into Horizon for the HTTPS Access changes to be displayed accurately in Horizon. -.. rubric:: |proc| - -- To enable HTTPS for StarlingX REST and Web Server endpoints: - - .. code-block:: none - - ~(keystone_admin)]$ system modify --https_enabled true - -- To disable HTTPS for StarlingX REST and Web Server endpoints: - - .. code-block:: none - - ~(keystone_admin)]$ system modify --https_enabled false - -- Use the following command to display HTTPS settings: - - .. code-block:: none - - [sysadmin@controller-0 ~(keystone_admin)]$ system show - +----------------------+--------------------------------------+ - | Property | Value | - --------------------------------------------------------------+ - | contact | None | - | created_at | 2020-02-27T15:47:23.102735+00:00 | - | description | None | - | https_enabled | False | - | location | None | - | name | 468f57ef-34c1-4e00-bba0-fa1b3f134b2b | - | region_name | RegionOne | - | sdn_enabled | False | - | security_feature | spectre_meltdown_v1 | - | service_project_name | services | - | software_version | nn.nn | - | system_mode | duplex | - | system_type | Standard | - | timezone | Canada/Eastern | - | updated_at | 2020-02-28T10:56:24.297774+00:00 | - | uuid | c0e35924-e139-4dfc-945d-47f9a663d710 | - | vswitch_type | none | - +----------------------+--------------------------------------+ - - +Moving forward, the system will be have HTTPS enabled by default, as the REST +API & Web Server certificate will be issued from bootstrap using the Platform +Issuer (``system-local-ca``). This certificate will be renewed by cert-manager, +and can be updated using procedure in +:ref:`migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d`. \ No newline at end of file