Title: Configuring Secured Deployment (HTTPS) Describe the issue: Section 11.4.2 describes the HTTPS configuration for Dashboard. The "After" block has some issues: - it sets www-data as user/group for the WSGI processes. This is valid in Debian/Ubuntu, but on RHEL it should be apache - with the block as defined, there are some minor annoyances with redirections (failure after log-in when accessing /dashboard, failure on disconnection). I have a working configuration, but I think it could be improved. Suggestions for improvement: A proposed configuration for "After" is: <VirtualHost *:80> ServerName openstack.example.com RedirectPermanent / https://openstack.example.com/ </VirtualHost> <VirtualHost *:443> ServerName openstack.example.com SSLEngine On SSLCertificateFile /etc/httpd/SSL/openstack.example.com.crt SSLCACertificateFile /etc/httpd/SSL/openstack.example.com.crt SSLCertificateKeyFile /etc/httpd/SSL/openstack.example.com.key SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown WSGIScriptAlias / /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi WSGIDaemonProcess horizon user=apache group=apache processes=3 threads=10 RedirectPermanent /dashboard https://openstack.example.com Alias /static /usr/share/openstack-dashboard/static/ <Directory /usr/share/openstack-dashboard/openstack_dashboard/wsgi> Order allow,deny Allow from all </Directory> </VirtualHost> I think the second "RedirectPermanent" directive could be improved, but it works as-is. Additional information: