cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrija Panic <>
Subject Question: Domain filed on the SSL upload form
Date Tue, 27 Feb 2018 13:32:42 GMT
Hi all,

I got confused about the domain fields/API parameter that is used when
uploading new SSL, to be used on CPVM and SSVM copy process (this is
domain_suffix in cloud.keystore table)

Due to some automation, I came across the following scenarios, which WORKS
FINE, but I'm confused as how and why it works.

New SSL that was issued for " * " was uploaded via API (CA,
intermediate, server cert, and the key in pkcs8) - but doman specified
during this SSL upload process was " " (so NOT matching domain
of the certificate)

This causes the cloud.keystore table/rows to have this in the
last column next to CA/intermediate/server/key... (this is domain_suffix

But in global config we define " * " as the CERT to be used for
CPVM and for securing/encrypting secondary storage copy process between
Same SSL is also used to i.e. download templates etc...

So it all works fine, ?, when "" (instead of "*.") was defined in uploadCertificate GUI/API - i.e. what is the
use of this domain_suffix field at all ?



Andrija Panić

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message