测试:ceph-mon01的8080是否可访问?
[cephadm@ceph-admin ceph-cluster]$ curl ceph-mon01:8080<?xml version="1.0" encoding="UTF-8"?><ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Owner><ID>anonymous</ID><DisplayName></DisplayName></Owner><Buckets></Buckets></ListAllMyBucketsResult>[cephadm@ceph-admin ceph-cluster]$配置rgw以https的方式提供服务
1、准备证书
生成key
[root@ceph-mon01 ~]# mkdir /etc/ceph/ssl[root@ceph-mon01 ~]# cd /etc/ceph/ssl[root@ceph-mon01 ssl]# openssl genrsa -out /etc/ceph/ssl/ceph.test.keyGenerating RSA private key, 2048 bit long modulus............+++................................+++e is 65537 (0x10001)[root@ceph-mon01 ssl]# cat /etc/ceph/ssl/ceph.test.key-----BEGIN RSA PRIVATE KEY-----MIIEogIBAAKCAQEAth2CA5M9psyG7Nmq4pWK8CMfgQpCfaQdKHU6qyQKq4/TflnBkhrWlz2sANEUQpLkzhjAeto7PU+ykgpMN3J8a3TZu3SIsKC/MBB1yDHx6raU33R0I6hbdtumjvP4XVWDcY0Zod4zkRH/iCkQKMw2RhjVEaKT+0KnHAle5RxLojcrqIz9iibmUqdH35T8aM8EIAwRcJx0QBYDlQJmqdhuHGt41ujqSpWcZEoGfsODxYuisZlkwOgTzTlfMcjOesPoSSqJ2X8zXzdbcMI6kEJb/xPa8ByTVOR8OAQJILezg2T5T6rMo3J9WVcGmDwqSczpzcyirRk+OavfawL3JJHsAQIDAQABAoIBAEphbOum5KROnsD3+gqHR3Li9YgPt653LA2NK8QgeVcu7BOL9zqESacF4k2HF35FXrwqcdr7bPySo31wRUbUNKry08bzRqzVSqEH6AM3GvZhUhaeCp1RsuGtvq5eSM9eEMx8874f8fHLZxGmq9nt5jDlDYkhXM1foL8buK1czCtZKqekhtFF9k5xis1d+QPeA0Pp/u94L0srzemhJDBcu52lw1kipnYWTn2jvfPoh0Ob/Bwm53Pl8ZhweD3peyxGpRZd41gY6LRzbFGG6QqG5syXzNeE9p5ozJjA3w0En1XwPOGnOcrrjCvY/Jk1mYkd9ERBpFDaPMIM52ArbIE84kECgYEA4bbxi0We62rwGOFJvPQ54O5hMEhxaYNxqcEDhwEBFUAU9f7Y6FFTk36obztXFjwhte3H9raIPuZjHpkZ+UZG4R1eESbWX1C3UvfFHHQFHqaS8l+sG1xhjVbyhif9wJwx8Wu4gAsdzmGXYQ1NzNXkucLX9Tn6xoAM6X7qbaBDkYkCgYEAzoz5EGkdmoPeYlV2aBgsvrcVQH8CHDdsg+8vgigq7WBsRO/lZPHRwdsjI60QJJ6RJkqJY01Rk5hOYSEqAckE8FKSS9ynFHxomAncvO0ZRpvH2aQr+Ecr5oi4mzyOt1LRVgxwguEGDBku0vXYaJQTXZM3FaeLLQ5aDrE9pg8fwLkCgYBOEgUB8xbAvsBFGsdyf9b1If6jwKrZoAlUedpKe+JwAzY8z+UeleKehZSkxJWerzXJw3ECuKfveaiXEMWXHuOtQYcjz5ceaMDABcs7yDVtIJh7FPRmklF7nbNNC9ANKvlrU6MBRtcMZ10AyKU8UE9IoUgpHeDLf8b3jFpxiJlWYQKBgBhC8tZ8ol+N8cc3Jqtfe5IDS1nCEWtjDzoIFFqDgVdUpiMK0rUiunK83MnKAEVs4rvOsYiagmSF1V8PWDHRfOUFre1/Q5jibB6/uc/vQbLLhZQI9qk5Iuz3Tkfdux3JepFS8LxO1jkBlEBvZDYUfpnVOvkuLujh8K4dH5Kr4BzxAoGAKVyF4cBthBBZ0d7hKLGjBLr0mNLPmroGbYnzLfqwz2OZiudvIrA1EDFPsQwJGHgkYd9tWhIvrp1orfOtRxocFYCUyBDba5yZjTplSKbYQ+muBHCmNsurc/KMUreFCZGVU/oEG0ebGVbavG8lAVKs17+tr/Ct2UpsgO99+XxeP5Y=-----END RSA PRIVATE KEY-----[root@ceph-mon01 ssl]#自签证书签署
[root@ceph-mon01 ssl]# openssl req -new -x509 -key /etc/ceph/ssl/ceph.test.key -out /etc/ceph/ssl/ceph.test.pem -days 365You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [XX]:CNState or Province Name (full name) []:SICHUANLocality Name (eg, city) [Default City]:GYOrganization Name (eg, company) [Default Company Ltd]:TESTOrganizational Unit Name (eg, section) []:TESTCommon Name (eg, your name or your server's hostname) []:ceph-mon01.ilinux.ioEmail Address []:[root@ceph-mon01 ssl]# lsceph.test.keyceph.test.pem[root@ceph-mon01 ssl]#合并key和自签名证书到一个文件
[root@ceph-mon01 ssl]# cat ceph.test.key ceph.test.pem > ceph.test.crt[root@ceph-mon01 ssl]# cat ceph.test.crt-----BEGIN RSA PRIVATE KEY-----MIIEogIBAAKCAQEAth2CA5M9psyG7Nmq4pWK8CMfgQpCfaQdKHU6qyQKq4/TflnBkhrWlz2sANEUQpLkzhjAeto7PU+ykgpMN3J8a3TZu3SIsKC/MBB1yDHx6raU33R0I6hbdtumjvP4XVWDcY0Zod4zkRH/iCkQKMw2RhjVEaKT+0KnHAle5RxLojcrqIz9iibmUqdH35T8aM8EIAwRcJx0QBYDlQJmqdhuHGt41ujqSpWcZEoGfsODxYuisZlkwOgTzTlfMcjOesPoSSqJ2X8zXzdbcMI6kEJb/xPa8ByTVOR8OAQJILezg2T5T6rMo3J9WVcGmDwqSczpzcyirRk+OavfawL3JJHsAQIDAQABAoIBAEphbOum5KROnsD3+gqHR3Li9YgPt653LA2NK8QgeVcu7BOL9zqESacF4k2HF35FXrwqcdr7bPySo31wRUbUNKry08bzRqzVSqEH6AM3GvZhUhaeCp1RsuGtvq5eSM9eEMx8874f8fHLZxGmq9nt5jDlDYkhXM1foL8buK1czCtZKqekhtFF9k5xis1d+QPeA0Pp/u94L0srzemhJDBcu52lw1kipnYWTn2jvfPoh0Ob/Bwm53Pl8ZhweD3peyxGpRZd41gY6LRzbFGG6QqG5syXzNeE9p5ozJjA3w0En1XwPOGnOcrrjCvY/Jk1mYkd9ERBpFDaPMIM52ArbIE84kECgYEA4bbxi0We62rwGOFJvPQ54O5hMEhxaYNxqcEDhwEBFUAU9f7Y6FFTk36obztXFjwhte3H9raIPuZjHpkZ+UZG4R1eESbWX1C3UvfFHHQFHqaS8l+sG1xhjVbyhif9wJwx8Wu4gAsdzmGXYQ1NzNXkucLX9Tn6xoAM6X7qbaBDkYkCgYEAzoz5EGkdmoPeYlV2aBgsvrcVQH8CHDdsg+8vgigq7WBsRO/lZPHRwdsjI60QJJ6RJkqJY01Rk5hOYSEqAckE8FKSS9ynFHxomAncvO0ZRpvH2aQr+Ecr5oi4mzyOt1LRVgxwguEGDBku0vXYaJQTXZM3FaeLLQ5aDrE9pg8fwLkCgYBOEgUB8xbAvsBFGsdyf9b1If6jwKrZoAlUedpKe+JwAzY8z+UeleKehZSkxJWerzXJw3ECuKfveaiXEMWXHuOtQYcjz5ceaMDABcs7yDVtIJh7FPRmklF7nbNNC9ANKvlrU6MBRtcMZ10AyKU8UE9IoUgpHeDLf8b3jFpxiJlWYQKBgBhC8tZ8ol+N8cc3Jqtfe5IDS1nCEWtjDzoIFFqDgVdUpiMK0rUiunK83MnKAEVs4rvOsYiagmSF1V8PWDHRfOUFre1/Q5jibB6/uc/vQbLLhZQI9qk5Iuz3Tkfdux3JepFS8LxO1jkBlEBvZDYUfpnVOvkuLujh8K4dH5Kr4BzxAoGAKVyF4cBthBBZ0d7hKLGjBLr0mNLPmroGbYnzLfqwz2OZiudvIrA1EDFPsQwJGHgkYd9tWhIvrp1orfOtRxocFYCUyBDba5yZjTplSKbYQ+muBHCmNsurc/KMUreFCZGVU/oEG0ebGVbavG8lAVKs17+tr/Ct2UpsgO99+XxeP5Y=-----END RSA PRIVATE KEY----------BEGIN CERTIFICATE-----MIIDpTCCAo2gAwIBAgIJAKiSRxIiMIwAMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNVBAYTAkNOMRAwDgYDVQQIDAdTSUNIVUFOMQswCQYDVQQHDAJHWTENMAsGA1UECgwEVEVTVDENMAsGA1UECwwEVEVTVDEdMBsGA1UEAwwUY2VwaC1tb24wMS5pbGludXguaW8wHhcNMjIxMDA4MDcyMzI1WhcNMjMxMDA4MDcyMzI1WjBpMQswCQYDVQQGEwJDTjEQMA4GA1UECAwHU0lDSFVBTjELMAkGA1UEBwwCR1kxDTALBgNVBAoMBFRFU1QxDTALBgNVBAsMBFRFU1QxHTAbBgNVBAMMFGNlcGgtbW9uMDEuaWxpbnV4LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth2CA5M9psyG7Nmq4pWK8CMfgQpCfaQdKHU6qyQKq4/TflnBkhrWlz2sANEUQpLkzhjAeto7PU+ykgpMN3J8a3TZu3SIsKC/MBB1yDHx6raU33R0I6hbdtumjvP4XVWDcY0Zod4zkRH/iCkQKMw2RhjVEaKT+0KnHAle5RxLojcrqIz9iibmUqdH35T8aM8EIAwRcJx0QBYDlQJmqdhuHGt41ujqSpWcZEoGfsODxYuisZlkwOgTzTlfMcjOesPoSSqJ2X8zXzdbcMI6kEJb/xPa8ByTVOR8OAQJILezg2T5T6rMo3J9WVcGmDwqSczpzcyirRk+OavfawL3JJHsAQIDAQABo1AwTjAdBgNVHQ4EFgQUeeRFLKn76P9N7GzquqLSjfC1gwswHwYDVR0jBBgwFoAUeeRFLKn76P9N7GzquqLSjfC1gwswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAqHQ8hCz5bYmXqtJW6Uk1h0T8nHirrkUovLIp0xB6GhK9wsLh8bZze7FXQfgMCmTFIzOmsBJZGLuoqwfWwNtBuy7XfTRJBh1yWY3lvf3Bmd/5W+6tpZlGCfVyj1q6gOE1W2yZC0JAK+BRQyHTvG3dDosOZnIxw111IHkLWxJruz+Z8L7+FGCye+As6hUPNB/yrrmjTTCJDkqUSY6Haw1prLZqVlA3JinnQqFSNbc92/cX1frUkHsgwp2d5KCCQ6WSRxbXUfi1ZPEDfHftg6Xzfac+FRXu46ht8PfcDh4XNT0uDZYjtXrNRSOcnEiftc2pxDxLEo6Ilt3Zb53sdYtq4A==-----END CERTIFICATE-----[root@ceph-mon01 ssl]#
推荐阅读
- 记一次某制造业ERP系统 CPU打爆事故分析
- 没有使用IaC的DevOps系统都是耍流氓
- JuiceFS 元数据引擎选型指南
- win7升级到win10系统后,node13升级为node16,node版本node-sass版本与不匹配,导致出现npm ERR! ERESOLVE could not resolve
- day09-1存储引擎
- 手把手教你玩转 Gitea|在 Windows 系统上安装 Gitea
- 分布式存储系统之Ceph集群RBD基础使用
- 荣耀magic3支持鸿蒙系统吗_荣耀magic3能升级鸿蒙吗
- 手机怎么自己刷机,恢复系统(手机可以自己刷机吗)
- 电脑刷机怎么操作(电脑刷机重装系统)