TECHZEN Zenoss User Community ARCHIVE  

SSL Certificate import

Subject: SSL Certificate import
Author: [Not Specified]
Posted: 2015-06-29 07:03

Has anyone been able to import their own SSL certificates into Zenoss Core 5? We assume NGINX is handling the web response proxy'd back to the Zenoss ZOPE container, but cannot find the NGINX container and relevant config files. Is NGINX contained in zproxy?

Has anyone been able to import their SSL certs into Zenoss Core 5 who might be able to offer some suggestions?



Subject: Yes NGINX does appear to be
Author: [Not Specified]
Posted: 2015-07-08 09:19

Yes, NGINX does appear to be in zproxy. I was able to edit the Zproxy container through the CC UI to enable TLS, but Zenoss cannot see the certificates outside of its container. I read that docker containers may be able to view folders if mounted a specific way.



Subject: Actually it's:
Author: Jan Garaj
Posted: 2015-07-08 17:14

Actually it's:
serviced (control center) -> zproxy (nginx) -> zope

Try to set up serviced first - http://controlcenter.io/docs/topics/config-defaults.html:
SERVICED_KEY_FILE
SERVICED_CERT_FILE

Devops Monitoring Expert advice: Dockerize/automate/monitor all the things.

DevOps stack: Docker / Kubernetes / Mesos / Zabbix / Zenoss / Grafana / Puppet / Ansible / Vagrant / Terraform / Elasticsearch



Subject: I'm a bit confused so from
Author: [Not Specified]
Posted: 2015-07-16 14:13

I'm a bit confused, so from the Control Center UI I went to Zproxy (nginx) aka "/opt/zenoss/zproxy/conf/zproxy-nginx.conf" to do my edits. I don't see any Zope option in there. Do you mean I have to edit my zope as well? Or do you mean go to the backend of CC and go to Zproxy --> zope? I couldn't find that option in the backend.



Subject: Is there documentation to do
Author: [Not Specified]
Posted: 2015-09-18 13:23

Is there documentation to do this by now?

I was asked to do it for our install, but googling around brought me no further than this thread T_T

EDIT:
Now I found that I have to edit /etc/default/serviced

# Set the TLS keyfile
# SERVICED_KEY_FILE=/etc/....

# Set the TLS certfile
# SERVICED_CERT_FILE=/etc/....

I am waiting for the files now, but I am also having trouble because I was asked to change the hostname of the server.



Subject: I think this was a bug in
Author: [Not Specified]
Posted: 2015-10-14 19:43

I think this was a bug in versions earlier than 5.0.5 where the certificate settings in /etc/default/serviced were not honored.

We're running 5.0.6 and have been able to successfully specify a cert/key pair for Control Center/Zenoss using the settings in this file.



Subject: I finally got my certificates
Author: [Not Specified]
Posted: 2015-11-09 11:54

I finally got my certificates, and configured the /etc/default/serviced file.

Control Center is now happy with its certificate, but Zenoss is not (or more correctly, the browser is happy in CC but not in Zenoss).

The certificate was made for the FQDN of the server; I believe the virtual hosts were not mentioned.

Is there any special way to make the certificate request so that it will work in virtual hosts?



Subject: Try to use wildcard
Author: Jan Garaj
Posted: 2015-11-09 13:21

Try to use a wildcard certificate and it should work with all your current and future vhosts.




Subject: Bumping this because I am
Author: [Not Specified]
Posted: 2017-03-20 09:42

Bumping this because I am having the same issue as Rcocchiararo, except I am using a wildcard cert.

My browser is happy with https://[hostFQDN]. My browser is complaining about a bad cert domain for https://zenoss5.[host FQDN]



Subject: Since it's seen as a
Author: [Not Specified]
Posted: 2017-03-20 11:45

Since it's seen as a subdomain, it's not going to work. I didn't want to deal with installing the cert elsewhere outside of serviced. I ended up directing Control Center to port 8080 and then creating a new endpoint for Zenoss.core that points to port 443. Now my cert is "working".

That being said, does anyone know where to change the redirect for port 80? I'd like to redirect to zenoss.core rather than control center.
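
The name mismatch reported in the posts above, reproduced as an added example that is not part of the original thread or of any Zenoss tooling: a certificate wildcard covers exactly one DNS label, so a check of the certificate's subjectAltName entries against the Control Center host and its vhost names shows which names a CSR still has to list. The host name cc01.example.com and the vhost list are constructed sample values, and the vhosts are assumed to be served as [vhost].[host FQDN] as in the thread.

```python
# Added example: browser-style (RFC 6125) matching of certificate dNSName
# entries against the names that will be requested. Hostnames are constructed.

def san_matches(pattern: str, hostname: str) -> bool:
    """True if one dNSName entry (optionally a '*.' wildcard) covers hostname."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # a wildcard stands for one label, never several
    if p[0] == "*":
        # Wildcard must be the entire left-most label. Requiring two more
        # labels (rejecting e.g. '*.com') is a conservative simplification.
        return len(p) > 2 and h[0] != "" and p[1:] == h[1:]
    return "*" not in pattern and p == h


def uncovered(sans, hostnames):
    """Return the hostnames that no SAN entry covers, in input order."""
    return [n for n in hostnames if not any(san_matches(s, n) for s in sans)]


def names_to_serve(host_fqdn, vhosts):
    """Control Center host plus each vhost served as <vhost>.<host FQDN>."""
    return [host_fqdn] + [f"{v}.{host_fqdn}" for v in vhosts]


# Constructed sample deployment (assumption, not taken from the thread).
HOST = "cc01.example.com"
NAMES = names_to_serve(HOST, ["zenoss5", "hbase"])

# Constructed candidate certificates, one per situation in the thread.
CANDIDATES = {
    "host FQDN only": ["cc01.example.com"],
    "domain wildcard": ["*.example.com"],
    "host + host-level wildcard": ["cc01.example.com", "*.cc01.example.com"],
}

if __name__ == "__main__":
    for label, sans in CANDIDATES.items():
        missing = uncovered(sans, NAMES)
        print(f"{label:28} missing: {missing or 'none'}")
```

Only the third candidate covers every name; its two entries are what a CSR's subjectAltName would need under the stated assumption.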


