Description of problem: While doing the documentation for Bug # 889118 ("Please add a hint to firewall, and also use https") I noticed that on my packstack deployment it appears that only http is opened in the firewall. From /etc/sysconfig/iptables: -A INPUT -p tcp -m multiport --dports 80 -m comment --comment "001 horizon incoming" -j ACCEPT I think we should default to HTTPS here if possible (or at worst both HTTP and HTTPS)? Version-Release number of selected component (if applicable): openstack-packstack-2012.2.2-0.5.dev318.el6ost.noarch
Enabling both port looks right to me!
Fix submitted upstream https://review.openstack.org/#/c/22698/ The default self signed certs are used so 1. a warning is being output * NOTE : You should change the ssl certificates used to a your own CA signed cert 2. this is not the default CONFIG_HORIZON_SSL must be set to 'y' otherwise plain text will be used.
Verified NVR: openstack-packstack-2012.2.3-0.1.dev454.el6ost.noarch 1. Installed OpenStack via packstack, While setting CONFIG_HORIZON_SSL attribute to 'y' Verified that: httpd now listen both to 80 and 443 horizon accepts connections in http and https
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0671.html