Description of problem:
Extend appe-Red_Hat_Enterprise_Virtualization_and_SSL.html to cover websocket-proxy, this topic was raised on ovirt-users list, see
http://lists.ovirt.org/pipermail/users/2016-August/041666.html
For custom CA and own certs for https, websocket proxy would need following changes:
# cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf
PROXY_PORT=6100
SSL_CERTIFICATE=/etc/pki/ovirt-engine/apache-ca.pem
SSL_KEY=/etc/pki/ovirt-engine/keys/apache.key.nopass
CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/certs/engine.cer
SSL_ONLY=True
original was
]# cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf.orig
PROXY_PORT=6100
SSL_CERTIFICATE=/etc/pki/ovirt-engine/certs/websocket-proxy.cer
SSL_KEY=/etc/pki/ovirt-engine/keys/websocket-proxy.key.nopass
CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/certs/engine.cer
SSL_ONLY=True
Version-Release number of selected component (if applicable):
rhevm-doc-4.0.0-3.el7ev.noarch
How reproducible:
100%
Steps to Reproduce:
1. check rhevm docs if there are steps how to put custom certs for spice-html5
2.
3.
Actual results:
none steps
Expected results:
docs should cover it
Additional info: