It’s been a while since Ceph Rados Gateway (RGW) has had built-in support for SSL. In this blog post, we’ll quickly cover how to setup SSL for RGW and add another layer of security to the object-storage endpoint without much effort.

The first ingredient we need to configure SSL endpoint is the "SSL Certificate" itself, which must be obtained through an official certification authority, or CA. It’s the CA’s responsibility to confirm the certificate’s identity, as well as assert for its authenticity. For demonstration purposes, we’ll use a self-sign certificate. For production environment acquiring an SSL certificate through an authorized CA is recommended.

Note: If you already have an SSL certificate for your domain, you can skip the following steps and edit "/etc/ceph/ceph.conf" file to configure SSL. If you don't have one and want to use self-signed certs, keep on reading….

  • On Ceph RGW node generate a self-sign certificate

    [code padlinenumbers="true"]
    [root@rgw1 ~]# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/ceph-rgw-cert.key -out /etc/ssl/certs/ceph-rgw.crt



  • sdfg
  • sdfg
  • sdfg

Red Hat logoLinkedInYouTubeFacebookTwitter



Experimente, compre, venda


Sobre a Red Hat

A Red Hat é a líder mundial em soluções empresariais open source como Linux, nuvem, containers e Kubernetes. Fornecemos soluções robustas que facilitam o trabalho em diversas plataformas e ambientes, do datacenter principal até a borda da rede.

Assine nossa newsletter Red Hat Shares

Cadastre-se agora

Selecione um idioma