Improving security in Xen Orchestra

Features May 14, 2017

Since our latest update in 5.8.1, we decided to provide an extra security step for connecting to non-valid HTTPS certificates.

Default in HTTPS

As usual when you try to add a new pool/host in Xen Orchestra, we'll try to connect to XenServer API in HTTPS by default. In other words, adding a host with myxenserver.org is the same than adding https://myxenserver.org.

However, since 5.8.1, Xen Orchestra won't connect if the certificate is not valid (self-signed or expired).

By clicking on the warning message, you'll have a modal window:

Now, it will be automatically by-passed, as you can see with this toggle button activated:

Remember to use a HTTPS on a non-valid certificate won't protect you from man-in-the-middle attacks.

HTTP only

If you want to connect in HTTP, it's possible: you'll need to explicitly set it: http://myxenserver.org. However, all the traffic between XOA and your pool will be in clear.

Change a certificate in XenServer

As of Xenserver and XCP-ng 8.2 and beyond, if you want to change the certificate of your hosts (used by XAPI), there are xe commands dedicated to this. Please follow the documentation.

You'll have to do it on all hosts of the pool.

Tags

Olivier Lambert

Vates CEO & co-founder, Xen Orchestra and XCP-ng project creator. Enthusiast entrepreneur and Open Source advocate. A very happy Finnish Lapphund owner.