cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wei ZHOU <ustcweiz...@gmail.com>
Subject Re: ./certs/realhostip.keystore in SSVN
Date Wed, 16 Mar 2016 20:13:48 GMT
We had the similar issue when downloaded the template/iso from
fedorapeople.org.
The issue was fixed in our internal version.

If you are interested, please create a jira ticket, I will upload it in
github.

-Wei



2016-03-16 16:06 GMT+01:00 Stephan Seitz <s.seitz@secretresearchfacility.com
>:

> Sadhu,
>
> thank you for your feedback. unfortunately, my problem is not using own
> certificates on the SSVM/CPVM. This is already done.
>
> We're missing some newer Root-CA certificates in the keystore, so
> therefor some https-download-URL are not working since SSVM doesn't know
> about that (even valid) root-CA.
>
> My question is, how to I add root-CA to the keystore (say, an equivalent
> to the system-wide "aptitude upgrade ca-certificates").
>
> I think, I could also file a jira ticket but I want to understand the
> mechanisms in prior.
>
> Right now, we encounter Problems with D/L URL secured by LetsEncrypt and
> some Comodo RSA Roots with SHA256 Intermediates.
>
> I already fixed that by adding the respective certificates to the
> keystore, but I assume it's better to get that persistent :)
>
> Oh, and we're running 4.7 w/ 4.6 SSVM/CPVM-template.
>
> cheers,
>
> - Stephan
>
> Am Mittwoch, den 16.03.2016, 09:22 +0000 schrieb Suresh Sadhu:
> > Please check this link:
> >
> http://sadhusuresh.blogspot.in/2015/01/t-hings-you-should-consider-while.html
> >
> >
> > your uploaded certis loaded in the database in keystore table, after
> upload ssl successful it recreate ssvm/cpvm with new key .
> >
> > regards
> > sadhu
> >
> >
> > -----Original Message-----
> > From: Stephan Seitz [mailto:s.seitz@secretresearchfacility.com]
> > Sent: Wednesday, March 16, 2016 2:13 PM
> > To: dev@cloudstack.apache.org
> > Subject: ./certs/realhostip.keystore in SSVN
> >
> > Hey devs!
> >
> > I just added some recent root-CA certificates to running SSVM instances.
> > I'ld like to persist this by updating the realhostip.keystore, and can't
> locate that keystore file inside the template.vhd.
> > Even after searching the git repo, I don't know where this file is
> deployed from.
> >
> > Could someone please shed some light where to find that keystore source?
> >
> > Thanks in advance!
> >
> > cheers,
> >
> > - Stephan
> >
> >
> >
> >
> > DISCLAIMER
> > ==========
> > This e-mail may contain privileged and confidential information which is
> the property of Accelerite, a Persistent Systems business. It is intended
> only for the use of the individual or entity to which it is addressed. If
> you are not the intended recipient, you are not authorized to read, retain,
> copy, print, distribute or use this message. If you have received this
> communication in error, please notify the sender and delete all copies of
> this message. Accelerite, a Persistent Systems business does not accept any
> liability for virus infected mails.
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message