Ask Your Question
1

Https for Horizon

asked 2015-07-23 07:34:01 -0500

Openstackuser2013 gravatar image

My OS is Ubuntu 14.04 and Apache version is Apache/2.4.7. Openstack version is Icehouse.

I am trying to enable https for Openstack Dashboard using self signed certificates.

I have followed this guide on configuring Apache: http://docs.openstack.org/icehouse/co...

Following this guide leads to 2 errors:

First there is something wrong with redirection. Connecting to http://mysserver/horizon (The index page of Horizon service) gets redirected to https://myserverhorizon. The slash between servername and page name is missing.

If I manually enter the correct address (https://myserver/horizon) I get warning about my self signed cert. So it seems that certificates are ok.

After accepting my certificate I get Apache error page:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

I get same error for static index page at document root so it seems that Apache has totally ceased functioning.

/var/log/apache2/error.log has errors like this:

 [Thu Jul 23 15:27:20.918036 2015] [:error] [pid 21996:tid 139772346193664] [remote myip:7760]     SECRET_KEY = secret_key.generate_or_read_from_file('/var/lib/openstack-dashboard/secret_key')
     [Thu Jul 23 15:27:20.918052 2015] [:error] [pid 21996:tid 139772346193664] [remote myip:7760]   File "/usr/lib/python2.7/dist-packages/horizon/utils/secret_key.py", line 55, in generate_or_read_from_file
     [Thu Jul 23 15:27:20.918105 2015] [:error] [pid 21996:tid 139772346193664] [remote myip:7760]     with lock:
    [Thu Jul 23 15:27:20.918119 2015] [:error] [pid 21996:tid 139772346193664] [remote myip:7760]   File "/usr/lib/python2.7/dist-packages/lockfile.py", line 223, in __enter__
[Thu Jul 23 15:27:20.918266 2015] [:error] [pid 21996:tid 139772346193664] [remote myip:7760]     self.acquire()
[Thu Jul 23 15:27:20.918281 2015] [:error] [pid 21996:tid 139772346193664] [remote myip:7760]   File "/usr/lib/python2.7/dist-packages/lockfile.py", line 239, in acquire
[Thu Jul 23 15:27:20.918299 2015] [:error] [pid 21996:tid 139772346193664] [remote myip:7760]     raise LockFailed("failed to create %s" % self.unique_name)
[Thu Jul 23 15:27:20.918322 2015] [:error] [pid 21996:tid 139772346193664] [remote myip:7760] LockFailed: failed to create /var/lib/openstack-dashboard/fsd25.MainThread-21996
[Thu Jul 23 15:27:22.531077 2015] [:error] [pid 21998:tid 139772346193664] [remote myip:7760] mod_wsgi (pid=21998): Exception occurred processing WSGI script '/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi'.
[Thu Jul 23 15:27:22.531156 2015] [:error] [pid 21998:tid 139772346193664] [remote myip:7760] Traceback (most recent call last):
[Thu Jul 23 15:27:22.531181 2015] [:error] [pid 21998:tid 139772346193664] [remote myip:7760]   File "/usr/lib/python2.7/dist-packages/django/core/handlers/wsgi.py", line 187, in __call__
[Thu Jul 23 15:27:22.531296 2015] [:error] [pid 21998:tid 139772346193664] [remote myip:7760]     self.load_middleware()
[Thu Jul 23 15:27:22.531314 2015] [:error] [pid 21998:tid 139772346193664] [remote myip:7760]   File "/usr/lib/python2.7/dist-packages/django/core/handlers/base.py", line 44, in load_middleware
[Thu Jul 23 15:27:22.531434 2015] [:error ...
(more)
edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-07-23 07:43:35 -0500

zsolt-krenak gravatar image

The Secret key error is a permisson error, Apache doesn't have the permission to write to /var/lib/openstack-dashboard directory. Change the ownership of this folder to www-data (apache user on ubuntu) and to 700 the permissions so only the apache user can read this folder and it's content.

The redirection should be some apache config error, look in the site config.

edit flag offensive delete link more

Comments

Setting the corrected permissions worked.

Openstackuser2013 gravatar imageOpenstackuser2013 ( 2015-07-24 00:58:03 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-07-23 07:34:01 -0500

Seen: 322 times

Last updated: Jul 23 '15