How to enable Https for Ansible AWX

Below are the steps to enable Https for Ansible AWX :

  1. If you are going to use self signed SSL certificate, follow the below steps , else skip this step and jump to step 2
    • Login to the Ansible AWX VM as “ubuntu” user via putty/ssh command and run below command to create the certificate and key:
    cd /home/ubuntu/setup
    sudo openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem


    Above command will ask for inputs like Country code, email address etc. which you provide accordingly.

  2. If you already have CA signed certificate and key, rename it to “certificate.pem” and “key.pem” and copy to /home/ubuntu/setup directory in the AWX VM.
    If you followed step 1 above, the two files will be already created in /home/ubuntu/setup directory. Follow below commands to copy those files to AWX web docker directory :

  3. sudo docker cp certificate.pem awx_web:/etc/nginx/
    sudo docker cp key.pem awx_web:/etc/nginx/


  4. Once files are copied to docker container, stop the container using below command
  5. sudo docker stop awx_web


  6. Updating nginx.conf file to enable HTTPS:
  7. Switch to root user using below command:.

    sudo su

    Open nginx.conf file in VIM editor using below command:

    vim /root/.awx/awxcompose/nginx.conf


    Once file is opened in vim, type ‘i’ (without quotes) in vim to enable insert mode.
    In vim, goto line 41 and edit the line from

    listen 8052 default_server;
    listen 8052 ssl default_server;


    Also add below two lines after line 41 :

    ssl_certificate certificate.pem;

    ssl_certificate_key key.pem;


    save the file by clicking “escape” key and then typing :wq

  8. . Once the config file is updated, restart the docker container using below command:
  9. sudo docker start awx_web


    Note: If after running docker restart command you see below error message, just restart your VM and try again to restart the docker container


    Wait for couple of minutes and then access the AWX webconsole over https using the url “https://vm_public_ip:80” . Make sure you type ":80" after the ip address . The console should be now accessible via https.
    To get the login credential, run below command in terminal :

    cat /home/ubuntu/ansible_awx_password.txt


    Note: If you are running azure vm, please use below login credentials
    username: awxadmin
    password: techlatestpassword

    Note: If you are using self signed certificate, you will get certificate warning in browser which you need to accept to proceed with login