Return-Path: 
 <issues-return-13472-apmail-cloudstack-issues-archive=cloudstack.apache.org@cloudstack.apache.org>
X-Original-To: apmail-cloudstack-issues-archive@www.apache.org
Delivered-To: apmail-cloudstack-issues-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 3A62E107D5
	for <apmail-cloudstack-issues-archive@www.apache.org>;
 Wed, 10 Jul 2013 10:23:55 +0000 (UTC)
Received: (qmail 99804 invoked by uid 500); 10 Jul 2013 10:23:55 -0000
Delivered-To: apmail-cloudstack-issues-archive@cloudstack.apache.org
Received: (qmail 99703 invoked by uid 500); 10 Jul 2013 10:23:54 -0000
Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@cloudstack.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@cloudstack.apache.org>
List-Post: <mailto:issues@cloudstack.apache.org>
List-Id: <issues.cloudstack.apache.org>
Reply-To: dev@cloudstack.apache.org
Delivered-To: mailing list issues@cloudstack.apache.org
Received: (qmail 99686 invoked by uid 500); 10 Jul 2013 10:23:54 -0000
Delivered-To: apmail-incubator-cloudstack-issues@incubator.apache.org
Received: (qmail 99682 invoked by uid 99); 10 Jul 2013 10:23:54 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 10 Jul 2013 10:23:54 +0000
Date: Wed, 10 Jul 2013 10:23:54 +0000 (UTC)
From: "Wei Zhou (JIRA)" <jira@apache.org>
To: cloudstack-issues@incubator.apache.org
Message-ID: <JIRA.12657019.1373440224503.24766.1373451834358@arcas>
In-Reply-To: <JIRA.12657019.1373440224503@arcas>
References: <JIRA.12657019.1373440224503@arcas>
Subject: [jira] [Closed] (CLOUDSTACK-3438) CPVM uses build-in SSL
 certificate after uploadCertificate
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/CLOUDSTACK-3438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Wei Zhou closed CLOUDSTACK-3438.
--------------------------------

    Resolution: Fixed
    
> CPVM uses build-in SSL certificate after uploadCertificate
> ----------------------------------------------------------
>
>                 Key: CLOUDSTACK-3438
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-3438
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>    Affects Versions: 4.1.0, 4.2.0
>            Reporter: Wei Zhou
>            Assignee: Wei Zhou
>
> It uses the build-in certificate.
> on CPVM
> 2013-07-09 14:52:59,075 INFO  [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) Start initializing SSL
> 2013-07-09 14:52:59,075 INFO  [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) Initializing SSL from built-in default certificate
> 2013-07-09 14:52:59,083 INFO  [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) SSL certificate loaded
> 2013-07-09 14:52:59,084 INFO  [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) Key manager factory is initialized
> 2013-07-09 14:52:59,085 INFO  [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) Trust manager factory is initialized
> 2013-07-09 14:52:59,085 INFO  [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) SSL context is initialized
> [root@weizhou-centos cloudstack.git.committer]# openssl s_client -connect 10-11-110-211.cloud.leaseweb.net:443
> CONNECTED(00000003)
> depth=2 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority
> verify return:1
> depth=1 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certificates.godaddy.com/repository, CN = Go Daddy Secure Certification Authority, serialNumber = 07969287
> verify return:1
> depth=0 O = *.realhostip.com, OU = Domain Control Validated, CN = *.realhostip.com
> verify return:1
> ---
> Certificate chain
>  0 s:/O=*.realhostip.com/OU=Domain Control Validated/CN=*.realhostip.com
>    i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
>  1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
>    i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
>  2 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
>    i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
> ---
> Server certificate
> -----BEGIN CERTIFICATE-----
> MIIFZTCCBE2gAwIBAgIHKBCduBUoKDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
> BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
> BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
> aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
> IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
> ODcwHhcNMTIwMjAzMDMzMDQwWhcNMTcwMjA3MDUxMTIzWjBZMRkwFwYDVQQKDBAq
> LnJlYWxob3N0aXAuY29tMSEwHwYDVQQLDBhEb21haW4gQ29udHJvbCBWYWxpZGF0
> ZWQxGTAXBgNVBAMMECoucmVhbGhvc3RpcC5jb20wggEiMA0GCSqGSIb3DQEBAQUA
> A4IBDwAwggEKAoIBAQCDT9AtEfs+s/I8QXp6rrCw0iNJ0+GgsybNHheU+JpL39LM
> TZykCrZhZnyDvwdxCoOfE38Sa32baHKNds+y2SHnMNsOkw8OcNucHEBX1FIpOBGp
> h9D6xC+umx9od6xMWETUv7j6h2u+WC3OhBM8fHCBqIiAol31/IkcqDxxsHlQ8S/o
> CfTlXJUY6Yn628OA1XijKdRnadV0hZ829cv/PZKljjwQUTyrd0KHQeksBH+YAYSo
> 2JUl8ekNLsOi8/cPtfojnltzRI1GXi0ZONs8VnDzJ0a2gqZY+uxlz+CGbLnGnlN4
> j9cBpE+MfUE+35Dq121sTpsSgF85Mz+pVhn2S633AgMBAAGjggG+MIIBujAPBgNV
> HRMBAf8EBTADAQEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNV
> HQ8BAf8EBAMCBaAwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5
> LmNvbS9nZHMxLTY0LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcBMDkwNwYI
> KwYBBQUHAgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3Np
> dG9yeS8wgYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
> Z29kYWRkeS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdv
> ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSME
> GDAWgBT9rGEyk2xF1uLuhV+auud2mWjM5zArBgNVHREEJDAighAqLnJlYWxob3N0
> aXAuY29tgg5yZWFsaG9zdGlwLmNvbTAdBgNVHQ4EFgQUZyJz9/QLy5TWIIscTXID
> E8Xk47YwDQYJKoZIhvcNAQEFBQADggEBAKiUV3KK16mP0NpS92fmQkCLqm+qUWyN
> BfBVgf9/M5pcT8EiTZlS5nAtzAE/eRpBeR3ubLlaAogj4rdH7YYVJcDDLLoB2qM3
> qeCHu8LFoblkb93UuFDWqRaVPmMlJRnhsRkL1oa2gM2hwQTkBDkP7w5FG1BELCgl
> gZI2ij2yxjge6pOEwSyZCzzbCcg9pN+dNrYyGEtB4k+BBnPA3N4r14CWbk+uxjrQ
> 6j2Ip+b7wOc5IuMEMl8xwTyjuX3lsLbAZyFI9RCyofwA9NqIZ1GeB6Zd196rubQp
> 93cmBqGGjZUs3wMrGlm7xdjlX6GQ9UvmvkMub9+lL99A5W50QgCmFeI=
> -----END CERTIFICATE-----
> subject=/O=*.realhostip.com/OU=Domain Control Validated/CN=*.realhostip.com
> issuer=/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 4376 bytes and written 270 bytes
> ---
> New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA
> Server public key is 2048 bit
> Secure Renegotiation IS supported
> Compression: NONE
> Expansion: NONE
> SSL-Session:
>     Protocol  : TLSv1
>     Cipher    : EDH-RSA-DES-CBC3-SHA
>     Session-ID: 51DBB937E7BBE57C88979C07751796DD5BFEF32E1DEFD2B17315A49289493D01
>     Session-ID-ctx:
>     Master-Key: 84E549D2AB48AAAECC5FE6C2A35F014E0FB9758C03D9356981BC55B31A0EC9D37AA441F0D3317FE6EC3B843F95FA449F
>     Key-Arg   : None
>     Krb5 Principal: None
>     PSK identity: None
>     PSK identity hint: None
>     Start Time: 1373354296
>     Timeout   : 300 (sec)
>     Verify return code: 0 (ok)
> ---

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira