cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Indra Pramana <in...@sg.or.id>
Subject Re: Upload root certificate and intermediate certificate
Date Sat, 20 Sep 2014 19:32:20 GMT
Hi Abhi, Amogh and all,

Managed to use &response=json command while login and noted the sessionkey
value. Have run the uploadCustomCertificate API to upload the root
certificate but got error message stating that it's not in ASCII format:

for parameter certificate is invalid, contains illegal ASCII
non-printable characters

I have ensured that the certificate is being URL-encoded using online URL
encoder at this website:

http://www.url-encode-decode.com/

I tried using UTF-8, US-ASCII to encode, but still cannot work.

Any advice is greatly appreciated.

Looking forward to your reply, thank you.

Cheers.


On Sun, Sep 21, 2014 at 3:09 AM, Amogh Vasekar <amogh.vasekar@citrix.com>
wrote:

> Viewing it in firebug in firefox, or developer tools in Chrome would be
> easiest IMO.
> Simply turn on the plugin / tools and click on some tab while logged in.
> The "Network" tab would show the parameters used to make requests. Copy
> the sessionid parameter
>
> Amogh
>
> On 9/20/14 11:41 AM, "Indra Pramana" <indra@sg.or.id> wrote:
>
> >Hi Abhisek and all,
> >
> >I tried to run the login API command via browser:
> >
> >
> https://x.x.x.x:8080/client/api?command=login&username=myusername&password
> >=mypasswordinMD5hashingformat
> >
> >The result is all the response results in one single line without any
> >separator.
> >
> >e.g.
> >
> >1800somethingfalseusernameAsia/Kuala_Lumpurblablablasomecodeblablabla=8.0s
> >omething
> >
> >How can I tell which one is the session key?
> >
> >
> >On Sun, Sep 21, 2014 at 2:19 AM, Indra Pramana <indra@sg.or.id> wrote:
> >
> >> Hi Abhisek,
> >>
> >> I checked on this documentation on login via API:
> >>
> >> http://cloudstack.apache.org/docs/api/apidocs-4.2/user/login.html
> >>
> >> It says that for login API command, I need to put the username and
> >> password as well? Can I login using username and password instead, do
> >>the
> >> api key and signature still required?
> >>
> >> I also checked on this documentation on signing API request:
> >>
> >>
> >>
> >>
> http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.1.0/html/Deve
> >>lopers_Guide/signing-api-requests.html
> >>
> >> If I sign the API requests using api key and signature say for the
> >> uploadCustomCertificate command, do I still need to put the session key?
> >>
> >> Thank you.
> >>
> >>
> >>
> >>
> >> On Sun, Sep 21, 2014 at 1:39 AM, abhisek basu <abhisekbasu@msn.com>
> >>wrote:
> >>
> >>> Please run the login api using the api key and signature, in return you
> >>> will get the session key.
> >>>
> >>> Sent from my iPhone
> >>>
> >>> > On 20 Sep 2014, at 10:58 pm, "Indra Pramana" <indra@sg.or.id>
wrote:
> >>> >
> >>> > Hi Abhisek and all,
> >>> >
> >>> > Good day to you, and thank you for your reply.
> >>> >
> >>> > How can we tell what is the session key, are you able to give me the
> >>> > command to check what is the session key? I have API key and secret
> >>>key,
> >>> > but not too sure how to check what is the session key.
> >>> >
> >>> > Looking forward to your reply, thank you.
> >>> >
> >>> > Cheers.
> >>> >
> >>> >
> >>> >> On Sat, Sep 20, 2014 at 10:26 PM, abhisek basu <abhisekbasu@msn.com
> >
> >>> wrote:
> >>> >>
> >>> >> Inline..
> >>> >>
> >>> >> Sent from my iPhone
> >>> >>
> >>> >>> On 20 Sep 2014, at 7:50 pm, "Indra Pramana" <indra@sg.or.id>
> wrote:
> >>> >>>
> >>> >>> Dear all,
> >>> >>>
> >>> >>> I am using CloudStack 4.2.0 and I am following this procedure
to
> >>> change
> >>> >>> console proxy to use our own domain:
> >>> >>
> >>>
> >>>
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Procedure+to+Repl
> >>>ace+realhostip.com+with+Your+Own+Domain+Name
> >>> >>>
> >>> >>> On this step:
> >>> >>>
> >>> >>> ====
> >>> >>> Uploading root certificate API call. This is a mandatory step.
> >>> >>>
> >>> >>>  -
> >>> >>
> >>>
> >>>
> http://secure-web.cisco.com/1iT2R06Wizvo9tf0JV4DU3By5npOsABm_p6OQXm1TOI9
> >>>9AS6ClmCjbii7hV_e87nMawuFZvKtXBuWDp4WJ0WwJTWZYIE3xTswv6PXGRf-FocNaRosXsi
> >>>SGkYbXKCzibxCaVoFsZpoHF9eZXgHmYVkb1-67BFfCxLbTmuKYwzkzyg/http%3A%2F%2F12
> >>>3.123.123.123%3A8080%2Fclient%2Fapi%3Fcommand%3DuploadCustomCertificate%
> >>>26id%3D1%26sessionkey%3DLAM0wM%2B0cejIYxCHprtGc4w15sg%3D%26name%3Droot1%
> >>>26domainsuffix%3Dcustomabc.com%26certificate%3D-----BEGIN%2BCERTIFICATE-
> >>>----%0AMIID%2FzCCAuegAwIBAgIJANX8lVYYPplhMA0GCSqGSIb3DQEBBQUAMIGVMQswCQY
> >>>D%0AVQQGEwJVUzELMAkGA1UECAwCQ0ExCzAJBgNVBAcMAlNDMRQwEgYDVQQKDAtDdXN0%0Ab
> >>>21BbW9naDEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRQwEgYDVQQD%0ADAtDdX
> >>>N0b21BbW9naDEgMB4GCSqGSIb3DQEJARYRYW1vZ2h2a0BnbWFpbC5jb20w%0AHhcNMTQwNDA
> >>>xMTgwODUzWhcNMjQwMzI5MTgwODUzWjCBlTELMAkGA1UEBhMCVVMx%0ACzAJBgNVBAgMAkNB
> >>>MQswCQYDVQQHDAJTQzEUMBIGA1UECgwLQ3VzdG9tQW1vZ2gx%0AHjAcBgNVBAsMFUNlcnRpZ
> >>>mljYXRlIEF1dGhvcml0eTEUMBIGA1UEAwwLQ3VzdG9t%0AQW1vZ2gxIDAeBgkqhkiG9w0BCQ
> >>>EWEWFtb2dodmtAZ21haWwuY29tMIIBIjANBgkq%0AhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE
> >>>A2Se5P610tI%2B5sz3X3FTjXGZZ3BzjdDIZ%0A5v5FQFcpAI35dBIYXFQv93gDp%2BAjwxET
> >>>PP2p%2BhOMtWQm1DWAiyDldH7WZm7EDmz9%0A6ymnU00RlkjluUhfhwTtB9l59xo1haCaKcZ
> >>>QpNBPFm7yPlTTEVLSFAMr0QZVPuu3%0AHM4rClZe9KdGkh4%2FcpzIrYAys2MZpoG3mu0fE6
> >>>EFbqEJYa5M%2Bvgsja1MqVt58TPo%0AqyaI548P6evJZ%2FpHiqDb360nxFDzbZlSqEUugq5
> >>>UiJzMm5KyLObvhVhzEZcWLbGe%0ASUAYaIdUfvEt%2FKWlqDZ%2BzRW5RpVMTT%2FFZtArZL
> >>>s%2FZuZJybq97KSj0wIDAQABo1Aw%0ATjAdBgNVHQ4EFgQUgb8VT%2BUqf1d%2BoCgC8Lap7
> >>>znkx3gwHwYDVR0jBBgwFoAUgb8V%0AT%2BUqf1d%2BoCgC8Lap7znkx3gwDAYDVR0TBAUwAw
> >>>EB%2FzANBgkqhkiG9w0BAQUFAAOC%0AAQEAbsKknHC6mEmE24eEV9CfAoGqym4aH3aEBS6%2
> >>>FUWWXQ%2FOjEArM5xUSXVUCnpQR%0APgLTpqxMymi%2Bq%2BdhAPhJFxDq0nqw91kJmUZ9cy
> >>>2LINs0akapNhWMvsomfy4YbiLR%0ANUHd%2BymaUb0Q%2BlGe5WeL4kh3W7KbVl0STIxFoRc
> >>>cxHKQHOiIcaQT4AzGWO8uCi90%0AbsFxk7Q11RwMUBUgK0qrhwnl31eUD0bBPvXADix0piTB
> >>>tUjBGJSJR2at9l%2FoI6F0%0AMyHwZer%2FNsN0vr%2FyeCbYdipdvYrDJOniRuhku01uyFz
> >>>f8U7%2Fa%2BrDVUtxGPxxfQzR%0APCTXX%2Fyam7lFvMT3ITntyF%2BKhg%3D%3D%0A-----
> >>>END%2BCERTIFICATE-----
> >>> >>>  <
> >>> >>
> >>>
> >>>
> http://secure-web.cisco.com/1vc527p_GzgOqlkM6lWaD1HUK4KxKO8KE9DYBPE_VgGR
> >>>6OrvPkzQHsjiSptGWZj6_Eg1KC4E6hncNTBrwv58t9D4hjxZ4zdXpeXl1FW-RS5fyuqwlCx8
> >>>xKdIHfBXYl-IB_KIAaj3RDpbZ4_YMg75tgB-p2pC0ManVqjx1c6RdNoo/http%3A%2F%2F10
> >>>.147.59.226%3A8080%2Fclient%2Fapi%3Fcommand%3DuploadCustomCertificate%26
> >>>id%3D1%26sessionkey%3DLAM0wM%2B0cejIYxCHprtGc4w15sg%3D%26name%3Droot1%26
> >>>domainsuffix%3Dcustomamogh.com%26certificate%3D-----BEGIN%2BCERTIFICATE-
> >>>----%0AMIID%2FzCCAuegAwIBAgIJANX8lVYYPplhMA0GCSqGSIb3DQEBBQUAMIGVMQswCQY
> >>>D%0AVQQGEwJVUzELMAkGA1UECAwCQ0ExCzAJBgNVBAcMAlNDMRQwEgYDVQQKDAtDdXN0%0Ab
> >>>21BbW9naDEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRQwEgYDVQQD%0ADAtDdX
> >>>N0b21BbW9naDEgMB4GCSqGSIb3DQEJARYRYW1vZ2h2a0BnbWFpbC5jb20w%0AHhcNMTQwNDA
> >>>xMTgwODUzWhcNMjQwMzI5MTgwODUzWjCBlTELMAkGA1UEBhMCVVMx%0ACzAJBgNVBAgMAkNB
> >>>MQswCQYDVQQHDAJTQzEUMBIGA1UECgwLQ3VzdG9tQW1vZ2gx%0AHjAcBgNVBAsMFUNlcnRpZ
> >>>mljYXRlIEF1dGhvcml0eTEUMBIGA1UEAwwLQ3VzdG9t%0AQW1vZ2gxIDAeBgkqhkiG9w0BCQ
> >>>EWEWFtb2dodmtAZ21haWwuY29tMIIBIjANBgkq%0AhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE
> >>>A2Se5P610tI%2B5sz3X3FTjXGZZ3BzjdDIZ%0A5v5FQFcpAI35dBIYXFQv93gDp%2BAjwxET
> >>>PP2p%2BhOMtWQm1DWAiyDldH7WZm7EDmz9%0A6ymnU00RlkjluUhfhwTtB9l59xo1haCaKcZ
> >>>QpNBPFm7yPlTTEVLSFAMr0QZVPuu3%0AHM4rClZe9KdGkh4%2FcpzIrYAys2MZpoG3mu0fE6
> >>>EFbqEJYa5M%2Bvgsja1MqVt58TPo%0AqyaI548P6evJZ%2FpHiqDb360nxFDzbZlSqEUugq5
> >>>UiJzMm5KyLObvhVhzEZcWLbGe%0ASUAYaIdUfvEt%2FKWlqDZ%2BzRW5RpVMTT%2FFZtArZL
> >>>s%2FZuZJybq97KSj0wIDAQABo1Aw%0ATjAdBgNVHQ4EFgQUgb8VT%2BUqf1d%2BoCgC8Lap7
> >>>znkx3gwHwYDVR0jBBgwFoAUgb8V%0AT%2BUqf1d%2BoCgC8Lap7znkx3gwDAYDVR0TBAUwAw
> >>>EB%2FzANBgkqhkiG9w0BAQUFAAOC%0AAQEAbsKknHC6mEmE24eEV9CfAoGqym4aH3aEBS6%2
> >>>FUWWXQ%2FOjEArM5xUSXVUCnpQR%0APgLTpqxMymi%2Bq%2BdhAPhJFxDq0nqw91kJmUZ9cy
> >>>2LINs0akapNhWMvsomfy4YbiLR%0ANUHd%2BymaUb0Q%2BlGe5WeL4kh3W7KbVl0STIxFoRc
> >>>cxHKQHOiIcaQT4AzGWO8uCi90%0AbsFxk7Q11RwMUBUgK0qrhwnl31eUD0bBPvXADix0piTB
> >>>tUjBGJSJR2at9l%2FoI6F0%0AMyHwZer%2FNsN0vr%2FyeCbYdipdvYrDJOniRuhku01uyFz
> >>>f8U7%2Fa%2BrDVUtxGPxxfQzR%0APCTXX%2Fyam7lFvMT3ITntyF%2BKhg%3D%3D%0A-----
> >>>END%2BCERTIFICATE-----
> >>> >>>
> >>> >>>  - *Note: when we upload root certificate  through API, only
CPVM
> >>>will
> >>> >> be
> >>> >>>  rebooted. Also before applying next certificate. make sure
all
> >>>your
> >>> >> system
> >>> >>>  vm agents are in up state.*
> >>> >>>
> >>> >>> =====
> >>> >>>
> >>> >>> - What should we put under sessionkey, is it the API key from
> >>> CloudStack
> >>> >>> GUI > Accounts > admin > View Users > admin >
API Key?
> >>> >>>
> >>> >>>> Session key is the returned when we use login api. If you
use port
> >>> >> 8096, you may ignore session key.
> >>> >>
> >>> >>> - What is the best way to convert the certificate into one
line to
> >>>be
> >>> put
> >>> >>> on the API URL? The document suggested Google Chrome's Advanced
> >>>Rest
> >>> >>> Client, I have downloaded the module on my Chrome but not too
sure
> >>> how to
> >>> >>> use it. Any pointers or advise?
> >>> >>>>> there are online tools to URLEncode the cert. Just
search for
> >>> >> URLEncode tool.
> >>> >>
> >>> >>> Looking forward to your reply, thank you.
> >>> >>>
> >>> >>> Cheers.
> >>> >>
> >>>
> >>
> >>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message