Red Hat SummitChapter 2. Authentication and Security
This chapter provides information on authorization through Red Hat Gluster Storage Console's security.
2.1. TLS/SSL Certification
Copy linkLink copied to clipboard!
The Red Hat Gluster Storage Console API requires Hypertext Transfer Protocol Secure (HTTPS) for secure interaction with client software, such as the Console's SDK and CLI components. This involves a process of attaining a certificate from your Red Hat Gluster Storage Console server and importing it into your client's certificate store.
Procedure 2.1. Attain a certificate
This process helps a user attain a certificate from the Red Hat Gluster Storage Console and transfer it to the client machine. A user achieves this using one of two methods:
- Method 1 - Use a command line tool to download the certificate from the server. Examples of command line tools include cURL and Wget; both are available for multiple platforms.
- If using cURL:
curl -o rhsc.cer http://[rhgsc-server]/ca.crt
curl -o rhsc.cer http://[rhgsc-server]/ca.crtCopy to Clipboard Copied! Toggle word wrap Toggle overflow - If using Wget:
wget -O rhsc.cer http://[rhgsc-server]/ca.crt
wget -O rhsc.cer http://[rhgsc-server]/ca.crtCopy to Clipboard Copied! Toggle word wrap Toggle overflow
- Method 2 - Use a web browser to navigate to the certificate located at:Depending on the chosen browser, the certificate either downloads or imports into the browser's keystore.
http://[rhgsc-server]/ca.crt
http://[rhgsc-server]/ca.crtCopy to Clipboard Copied! Toggle word wrap Toggle overflow - If the browser downloads the certificate: save the file as
rhsc.cer.If the browser imports the certificate: export it from the browser's certification options and save it asrhsc.cer.
Each of the above methods results in a certificate file named
rhsc.cer on your client machine. An API user imports this file into the client's certificate store.
Procedure 2.2. Import a certificate to your client
- A certificate import for your client relies on how the client itself stores and interprets certificates. This guide contains an example on importing to a Java keystore in Appendix D, Java Keystores. For clients not using Network Security Services (NSS) or Java KeyStore (JKS), please refer to your client documentation for more information on importing a certificate.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}