We have an standalone <\/strong>instance of Ansible AWX<\/strong>(Docker version) already installed in a CentOS linux machine.<\/p>\n\n\n\n The web container <\/strong>called awx_web<\/strong>, is configured with http<\/strong>, port 80.<\/p>\n\n\n\n And the values into inventory file <\/strong>related to SSL are still commented :<\/p>\n\n\n\n In a testing Lab <\/strong>environment we need to create <\/strong>a self-signed certificate<\/strong>. <\/p>\n\n\n\n Create awx-ssl<\/strong> folder <\/strong>in \/opt\/ansible-awx\/awx\/installer :<\/p>\n\n\n\n Generate <\/strong>a self-signed SSL certificate<\/strong> with your own information :<\/p>\n\n\n\n CN <\/strong>: Common Name Merge awx.key<\/strong> and awx.crt<\/strong> files into a final certificate file called awx-self-signed-key.crt<\/strong> :<\/p>\n\n\n\n Modify <\/strong>the Ansible AWX inventory file <\/strong>to configure our ssl certificate :<\/p>\n\n\n\n To reconfigure <\/strong>the web container<\/strong>(awx_web) with the SSL <\/strong>new parameters<\/strong>, it’s necessary to relaunch <\/strong>the installation <\/strong>command to apply all the changes into the container, more specifically, to modify the nginx web server configuration inside the container. <\/p>\n\n\n\n Execute the following :<\/p>\n\n\n\n Now the web container <\/strong>called awx_web<\/strong>, is configured with https<\/strong>, port 443<\/strong>.<\/p>\n\n\n\n And the Ansible AWX instance can be accessible by https <\/strong>: <\/p>\n\n\n\n We can check just inside <\/strong>the awx_web container<\/strong>, and see that there is our certificate file but with the name awxweb.pem<\/strong> :<\/p>\n\n\n\n Access to web container :<\/p>\n\n\n\n Check file certificate :<\/p>\n\n\n\n <\/p>\n","protected":false},"excerpt":{"rendered":" Initial situation, HTTP : We have an standalone instance of Ansible AWX(Docker version) already installed in a CentOS linux machine. … More Ansible AWX: How to configure SSL\/HTTPs<\/span> # docker ps\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\nbb3053c6cd38 ansible\/awx:13.0.0 \"tini -- \/bin\/sh -c \u2026\" 7 days ago Up 6 days 0.0.0.0:80<\/strong>->8052\/tcp awx_web<\/strong><\/code><\/pre>\n\n\n\n# vi \/opt\/ansible-awx\/awx\/installer\/inventory<\/code><\/pre>\n\n\n\nhost_port=80\n#host_port_ssl=443\n#ssl_certificate=<\/code><\/pre>\n\n\n\nConfigure SSL \/ HTTPs :<\/strong><\/h3>\n\n\n\n
# mkdir -p \/opt\/ansible-awx\/awx\/installer\/awx-ssl\n<\/code><\/pre>\n\n\n\n
O <\/strong>: Organization
C <\/strong>: Country<\/p>\n\n\n\n# openssl req -subj '\/CN=ansible.awx\/O=Lab\/C=FR' \\\n\t-new -newkey rsa:2048 \\\n\t-sha256 -days 1365 \\\n\t-nodes -x509 \\\n\t-keyout \/opt\/ansible-awx\/awx\/installer\/awx-ssl\/awx.key \\\n\t-out \/opt\/ansible-awx\/awx\/installer\/awx-ssl\/\/awx.crt\n<\/code><\/pre>\n\n\n\n# cd \/opt\/ansible-awx\/awx\/installer\/awx-ssl\n# cat awx.key awx.crt > awx-self-signed-key.crt\n<\/code><\/pre>\n\n\n\n# vi \/opt\/ansible-awx\/awx\/installer\/inventory<\/code><\/pre>\n\n\n\n#host_port=80\nhost_port_ssl=443\nssl_certificate=\/opt\/ansible-awx\/awx\/installer\/awx-ssl\/awx-self-signed-key.crt<\/code><\/pre>\n\n\n\nRelaunch Ansible AWX Installation Playbook :<\/strong><\/h3>\n\n\n\n
# cd \/opt\/ansible-awx\/awx\/installer\n# ansible-playbook -i inventory install.yml\n<\/code><\/pre>\n\n\n\n# docker ps\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n9d01d5daa7da ansible\/awx:13.0.0 \"tini -- \/bin\/sh -c \u2026\" 10 minutes ago Up 10 minutes 0.0.0.0:443<\/strong>->8053\/tcp awx_web<\/strong><\/code><\/pre>\n\n\n\nhttps://[ANSIBLE_AWX_INSTANCE]<\/code><\/pre>\n\n\n\nQuick verification<\/h3>\n\n\n\n
# docker exec -ti awx_web \/bin\/bash\n<\/code><\/pre>\n\n\n\n# cd \/etc\/nginx\n# ls -l awxweb.pem\n<\/code><\/pre>\n\n\n\n