From b843dd7af822820d29e587f192414d44acdf3dfa Mon Sep 17 00:00:00 2001 From: Ewan Mellor Date: Tue, 27 Mar 2007 23:23:01 +0100 Subject: Added HTTPS support to Xend. There are new configuration options for the Xen-API and legacy XML-RPC servers to set key and certificate files, and xm simply needs to be configured use an https rather than an http URL. Signed-off-by: Ewan Mellor --- tools/examples/xend-config.sxp | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'tools/examples/xend-config.sxp') diff --git a/tools/examples/xend-config.sxp b/tools/examples/xend-config.sxp index a229ccd43f..047ed71c1e 100644 --- a/tools/examples/xend-config.sxp +++ b/tools/examples/xend-config.sxp @@ -46,6 +46,11 @@ # (xen-api-server ((9363 pam '^localhost$ example\\.com$') # (unix none))) # +# Optionally, the TCP Xen-API server can use SSL by specifying the private +# key and certificate location: +# +# (9367 pam '' /etc/xen/xen-api.key /etc/xen/xen-api.crt) +# # Default: # (xen-api-server ((unix))) @@ -59,11 +64,18 @@ #(xend-unix-path /var/lib/xend/xend-socket) -# Address and port xend should use for the TCP XMLRPC interface, + +# Address and port xend should use for the legacy TCP XMLRPC interface, # if xen-tcp-xmlrpc-server is set. #(xen-tcp-xmlrpc-server-address 'localhost') #(xen-tcp-xmlrpc-server-port 8006) +# SSL key and certificate to use for the legacy TCP XMLRPC interface. +# Setting these will mean that this port serves only SSL connections as +# opposed to plaintext ones. +#(xend-tcp-xmlrpc-server-ssl-key-file /etc/xen/xmlrpc.key) +#(xend-tcp-xmlrpc-server-ssl-cert-file /etc/xen/xmlrpc.crt) + # Port xend should use for the HTTP interface, if xend-http-server is set. #(xend-port 8000) -- cgit v1.2.3