cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Özhan Rüzgar Karaman <oruzgarkara...@gmail.com>
Subject Problem enabling Intermediate SSL Certificate on Console VM
Date Wed, 18 May 2016 10:08:53 GMT
Hi Developers;
My console vm works successfully over SSL connections. Yesterday we
realised that firefox could not validate our SSL certificate and it gives
us certificate validation errors.

We checked keystore table on database and noticed that we have not imported
intermediate certificate and console vm works over SSL without any
intermediate SSL certificates. We checked Alpha SSL web site and downloaded
the certificate file(
https://www.alphassl.com/support/install-root-certificate.html)  and delete
the keystore table and re import all root cert + intermediate + server cert
+ private key from Cloudstack Admin interface. After that we have checked
the console vm logs(/var/log/cloud/cloud.out) and we noticed that it could
not successfully download the ssl certificate from ACS. The errors are
below.

I checked the keystore table and it looks okey. After that i restored the
keystore table from backup which does not have any intermediate
certificate, console vm started to work, but because we do not have
intermediate certificate in console vm, windows firefox clients again could
not connect to console sessions.

Does anyone experience this kind of problem on enabling intermediate
certificate? Also which kind of intermediate certificate format need to be
used on ACS, are all formats valid for CloudStack 4.8 ? Alpha SSL provides
SHA-1 and SHA-256 formats for intermediate certificates.

Thanks for all responses & time.

Regards
Özhan



2016-05-18 09:45:56,205 INFO
 [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl]
(Console-Proxy-Main:null) Start initializing SSL
2016-05-18 09:45:56,205 INFO
 [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl]
(Console-Proxy-Main:null) No certificates passed, recheck global
configuration and certificates
2016-05-18 09:45:56,205 INFO
 [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl]
(Console-Proxy-Main:null) Start initializing SSL
2016-05-18 09:45:56,206 INFO
 [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl]
(Console-Proxy-Main:null) No certificates passed, recheck global
configuration and certificates
2016-05-18 09:45:56,227 ERROR
[cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl]
(Console-Proxy-Main:null) java.lang.NullPointerException: null SSLContext
java.lang.NullPointerException: null SSLContext
at
com.sun.net.httpserver.HttpsConfigurator.<init>(HttpsConfigurator.java:81)
at
com.cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl$1.<init>(ConsoleProxySecureServerFactoryImpl.java:82)
at
com.cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl.createHttpServerInstance(ConsoleProxySecureServerFactoryImpl.java:82)
at
com.cloud.consoleproxy.ConsoleProxy.startupHttpMain(ConsoleProxy.java:356)
at com.cloud.consoleproxy.ConsoleProxy.start(ConsoleProxy.java:331)
at
com.cloud.consoleproxy.ConsoleProxy.startWithContext(ConsoleProxy.java:316)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
com.cloud.agent.resource.consoleproxy.ConsoleProxyResource$1.runInContext(ConsoleProxyResource.java:331)
at
org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49)
at
org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56)
at
org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103)
at
org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53)
at
org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedContextRunnable.java:46)
at java.lang.Thread.run(Thread.java:745)
2016-05-18 09:45:56,240 ERROR [cloud.consoleproxy.ConsoleProxy]
(Console-Proxy-Main:null) null
java.lang.NullPointerException
at
com.cloud.consoleproxy.ConsoleProxy.startupHttpMain(ConsoleProxy.java:357)
at com.cloud.consoleproxy.ConsoleProxy.start(ConsoleProxy.java:331)
at
com.cloud.consoleproxy.ConsoleProxy.startWithContext(ConsoleProxy.java:316)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
com.cloud.agent.resource.consoleproxy.ConsoleProxyResource$1.runInContext(ConsoleProxyResource.java:331)
at
org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49)
at
org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56)
at
org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103)
at
org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53)
at
org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedContextRunnable.java:46)
at java.lang.Thread.run(Thread.java:745)
2016-05-18 09:45:56,251 INFO  [cloud.agent.Agent]
(AgentShutdownThread:null) Stopping the agent: Reason = sig.kill
2016-05-18 09:45:56,255 DEBUG [cloud.agent.Agent]
(AgentShutdownThread:null) Sending shutdown to management server

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message