Zenoss over SSL with Nginx reverse proxy.

facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Zenoss is an enterprise infrastructure monitoring tool that can give in real time the big picture of networks, applications, hardware performances and issues running from a small business to a cloud service. While using it I found the lack of a decent SSL support running out off the box, in order to overcome this issue I decided to use Nginx as reverse proxy server to handle and deliver Zenoss with the SSL support. For this example I’m using Zenoss a debian Native Stack installed on Ubuntu server 10.04

Zenoss download:


Preparing zenoss:

You need to locate the file zope.conf, which in this case is locate into /usr/local/zenoss/zenoss/etc/zope.conf , and find the line that contains “# ip-address” and uncomment it as follows.

# ip-address



After you are saved the zope.conf file you need to restart the Zope server as zenoss user.

su – zenoss

zopectl restart


You need to install Nginx and the openssl utilities, create an ssl directory to store the certificates and create the certificates.

[sourcecode language=”bash”]

apt-get install nginx openssl

mkdir /etc/nginx/ssl

cd /etc/nginx/ssl

openssl req -new -x509 -days 365 -nodes -out zenoss.pem -keyout zenoss.key


zenoss.key zenoss.pem

rm /etc/nginx/sites-enabled/default

touch /etc/nginx/sites-enabled/default

[sourcecode language=”bash”]

server {
listen 443 default ssl;
server_name myserver;

ssl on;
ssl_certificate /etc/nginx/ssl/zenoss.pem;
ssl_certificate_key /etc/nginx/ssl/zenoss.key;

location / {
rewrite ^(.*)$ /VirtualHostBase/https/serveripaddress:443$1 break;


Restart Nginx before the login.

/etc/init.d/nginx restart

Restarting nginx: nginx.

At this point everything should work smoothly, now you can test your new Zenoss over SSL pointing the browser to https://serveripaddress

Leave a Reply

Your email address will not be published / Required fields are marked *