cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Kinsella <...@stratosec.co>
Subject Re: [DISCUSS] realhostip.com going away
Date Mon, 03 Mar 2014 16:58:04 GMT
I talked with some of the Citrix folk over the weekend…their position is they think they’d
be doing the community a disfavor by passing the torch, so-to-speak, and I agree with them
[1].

>From what I understand, the patches that are going to be proposed will remove HTTPS completely
and encrypt over http. That said, I haven’t seen anything yet, so until we see something
we’re guessing. I’m waiting a few more days to see what’s proposed.

John
1: I’m sharing conversations with individuals, so take this as hearsay not official comment
from Citrix.

On Mar 2, 2014, at 8:15 AM, Paul Angus <paul.angus@shapeblue.com<mailto:paul.angus@shapeblue.com>>
wrote:

There are a few issues with the current console proxy setup, not least of which is the need
to have internet access to resolve realhostip.com<http://realhostip.com> in the first
place - so console proxy can't work if you don't have internet access on your client.  I have
configured alternative realhostip.com<http://realhostip.com> setups for clients - and
quite a lot of work goes into creating the infrastructure (and certs) to support changing
to a user managed certificate.

Sooo, is it at all possible to secure communications with the console proxy, without having
to rely on ANY outside entity?

Testing alone is going to be a pain, if a full ssl cert setup is required to use console proxy..

Regards

Paul Angus
Cloud Architect
S: +44 20 3603 0540 | M: +447711418784 | T: CloudyAngus
paul.angus@shapeblue.com<mailto:paul.angus@shapeblue.com>

-----Original Message-----
From: Amogh Vasekar [mailto:amogh.vasekar@citrix.com]
Sent: 28 February 2014 23:05
To: dev@cloudstack.apache.org
Subject: Re: [DISCUSS] realhostip.com going away



On 2/28/14 2:03 PM, "Nux!" <nux@li.nux.ro> wrote:

There's also the problem of the certificate. It comes bundled in ACS as
far as I can tell.. When does it expire?

notBefore=Feb  3 03:30:40 2012 GMT
notAfter=Feb  7 05:11:23 2017 GMT

Need Enterprise Grade Support for Apache CloudStack?
Our CloudStack Infrastructure Support<http://shapeblue.com/cloudstack-infrastructure-support/>
offers the best 24/7 SLA for CloudStack Environments.

Apache CloudStack Bootcamp training courses

**NEW!** CloudStack 4.2.1 training<http://shapeblue.com/cloudstack-training/>
18th-19th February 2014, Brazil. Classroom<http://shapeblue.com/cloudstack-training/>
17th-23rd March 2014, Region A. Instructor led, On-line<http://shapeblue.com/cloudstack-training/>
24th-28th March 2014, Region B. Instructor led, On-line<http://shapeblue.com/cloudstack-training/>
16th-20th June 2014, Region A. Instructor led, On-line<http://shapeblue.com/cloudstack-training/>
23rd-27th June 2014, Region B. Instructor led, On-line<http://shapeblue.com/cloudstack-training/>

This email and any attachments to it may be confidential and are intended solely for the use
of the individual to whom it is addressed. Any views or opinions expressed are solely those
of the author and do not necessarily represent those of Shape Blue Ltd or related companies.
If you are not the intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender if you believe
you have received this email in error. Shape Blue Ltd is a company incorporated in England
& Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated
in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Stratosec<http://stratosec.co/> - Compliance as a Service
o: 415.315.9385
@johnlkinsella<http://twitter.com/johnlkinsella>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message