cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Willard Rathjen <willard.rath...@appcore.com>
Subject Re: Heartbleed fix fallout
Date Tue, 29 Apr 2014 18:21:07 GMT
The web server serves up the ISO’s using non-encrypted communication.

Willard Rathjen
Cloud Systems Engineer

Office +1.800.735.7104 | Direct +1.515.612.7813
willard.rathjen@appcore.com | www.appcore.com

----------------------------------------------------------------------
The information in this message is intended for the named recipients only. It may contain
information that is privileged, confidential or otherwise protected from disclosure. If you
are not the intended recipient, you are hereby notified that any disclosure, copying, distribution,
or the taking of any action in reliance on the contents of this message is strictly prohibited.
If you have received this e-mail in error, do not print it or disseminate it or its contents.
In such event, please notify the sender by return e-mail and delete the e-mail file immediately
thereafter. Thank you.



On Apr 29, 2014, at 1:01 PM, Nitin Mehta <Nitin.Mehta@citrix.com> wrote:

> Is the web server on which these ISOs are hosted have SSL certificate from
> a trusted ROOT CA ?
> Setting secstorage.encrypt.copy to false shouldn’t have impacted
> registerIso, I am surprised.
> 
> Thanks,
> 
> -Nitin
> 
> On 29/04/14 10:51 AM, "Willard Rathjen" <willard.rathjen@appcore.com>
> wrote:
> 
>> 4.2.0
>> 
>> Thanks,
>> 
>> Willard Rathjen
>> Cloud Systems Engineer
>> 
>> Office +1.800.735.7104 | Direct +1.515.612.7813
>> willard.rathjen@appcore.com | www.appcore.com
>> 
>> ----------------------------------------------------------------------
>> The information in this message is intended for the named recipients
>> only. It may contain information that is privileged, confidential or
>> otherwise protected from disclosure. If you are not the intended
>> recipient, you are hereby notified that any disclosure, copying,
>> distribution, or the taking of any action in reliance on the contents of
>> this message is strictly prohibited. If you have received this e-mail in
>> error, do not print it or disseminate it or its contents. In such event,
>> please notify the sender by return e-mail and delete the e-mail file
>> immediately thereafter. Thank you.
>> 
>> 
>> 
>> On Apr 29, 2014, at 12:50 PM, Nitin Mehta <Nitin.Mehta@citrix.com> wrote:
>> 
>>> Which version is this ?
>>> 
>>> On 29/04/14 10:44 AM, "Willard Rathjen" <willard.rathjen@appcore.com>
>>> wrote:
>>> 
>>>> Hello,
>>>> 
>>>> To mitigate the heartbleed vulnerability I patched openSSL on the
>>>> Cloudstack management server, and did an apt-get upgrade on each system
>>>> VM. I am now running into an issue when downloading ISO¹s in my cloud.
>>>> Whenever I register a new ISO I received the following error in the UI:
>>>> "sun.security.validator.ValidatorException: PKIX path building failed:
>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>> find valid certification path to requested target²
>>>> 
>>>> Any ideas? I have temporarily set secstorage.encrypt.copy to false in
>>>> global settings and everything is now working correctly.
>>>> 
>>>> Willard Rathjen
>>>> Cloud Systems Engineer
>>>> 
>>>> Office +1.800.735.7104 | Direct +1.515.612.7813
>>>> willard.rathjen@appcore.com | www.appcore.com
>>>> 
>>>> ----------------------------------------------------------------------
>>>> The information in this message is intended for the named recipients
>>>> only. It may contain information that is privileged, confidential or
>>>> otherwise protected from disclosure. If you are not the intended
>>>> recipient, you are hereby notified that any disclosure, copying,
>>>> distribution, or the taking of any action in reliance on the contents
>>>> of
>>>> this message is strictly prohibited. If you have received this e-mail
>>>> in
>>>> error, do not print it or disseminate it or its contents. In such
>>>> event,
>>>> please notify the sender by return e-mail and delete the e-mail file
>>>> immediately thereafter. Thank you.
>>>> 
>>>> 
>>>> 
>>> 
>> 
> 


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message