cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Indra Pramana <in...@sg.or.id>
Subject Re: Unable to upload SSL certificate for realhostip replacement
Date Sat, 27 Sep 2014 16:49:09 GMT
Dear all,

Apologise for sending quite a lot of emails tonight. Anyone knows if it's
safe for me to update the keystore table on the database directly? Since
the API call doesn't work.

Thank you.


On Sun, Sep 28, 2014 at 12:39 AM, Indra Pramana <indra@sg.or.id> wrote:

> Only if I key in the certificate as "BEGIN", then it seems to be
> accepting. But of course, the certificate is invalid.
>
> <uploadcustomcertificateresponse cloud-stack-version="4.2.0">
> <jobid>1efe722a-e7c7-4c43-9f6b-67ce860dbe34</jobid>
> </uploadcustomcertificateresponse>
>
> Is it my browser issue? I have tried using two different browsers: Firefox
> and Chrome, and both are having the same problem.
>
>
> On Sun, Sep 28, 2014 at 12:36 AM, Indra Pramana <indra@sg.or.id> wrote:
>
>> I tried to key in just "BEGIN CERTIFICATE\nEND CERTIFICATE" without the
>> "-----" and the content of the certificate itself. Same problem persists,
>> it says parameter certificate is invalid, contains illegal ASCII
>> non-printable characters.
>>
>> <uploadcustomcertificateresponse cloud-stack-version="4.2.0">
>> <errorcode>431</errorcode>
>> <cserrorcode>9999</cserrorcode>
>> <errortext>
>> Received value BEGIN CERTIFICATE END CERTIFICATE for parameter
>> certificate is invalid, contains illegal ASCII non-printable characters
>> </errortext>
>> </uploadcustomcertificateresponse>
>>
>>
>> Seems the issue was not actually on the certificate itself, but may be on
>> the API call handler?
>>
>> Any advice is greatly appreciated.
>>
>>
>> On Sat, Sep 27, 2014 at 11:35 PM, Indra Pramana <indra@sg.or.id> wrote:
>>
>>> Hi Amogh and all,
>>>
>>> To add, I am using RapidSSL and I got the root and intermediate CAs from
>>> here:
>>>
>>>
>>> https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO26457
>>>
>>> I have ensured that the encoding is done correctly, but still there's
>>> issue when I tried to upload it. Is it because I am still using version
>>> 4.2.0, may be there's a different method on how to upload?
>>>
>>> Error messages:
>>>
>>> <uploadcustomcertificateresponse cloud-stack-version="4.2.0">
>>> <errorcode>431</errorcode>
>>> <cserrorcode>9999</cserrorcode>
>>> <errortext>
>>> Received value -----BEGIN CERTIFICATE-----
>>> MIIDfTCCAuagAwIBAgIDErvmMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
>>> MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
>>> aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDIwNTIxMDQwMDAwWhcNMTgwODIxMDQwMDAw
>>> WjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UE
>>> AxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
>>> CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9m
>>> OSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIu
>>> T8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6c
>>> JmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmR
>>> Cw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5asz
>>> PeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo4HwMIHtMB8GA1UdIwQYMBaAFEjm
>>> aPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrM
>>> TjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA6BgNVHR8EMzAxMC+g
>>> LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDBO
>>> BgNVHSAERzBFMEMGBFUdIAAwOzA5BggrBgEFBQcCARYtaHR0cHM6Ly93d3cuZ2Vv
>>> dHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5MA0GCSqGSIb3DQEBBQUAA4GB
>>> AHbhEm5OSxYShjAGsoEIz/AIx8dxfmbuwu3UOx//8PDITtZDOLC5MH0Y0FWDomrL
>>> NhGc6Ehmo21/uBPUR/6LWlxz/K7ZGzIZOKuXNBSqltLroxwUCEm2u+WR74M26x1W
>>> b8ravHNjkOR/ez4iyz0H7V84dJzjA1BOoa+Y7mHyhD8S -----END CERTIFICATE----- for
>>> parameter certificate is invalid, contains illegal ASCII non-printable
>>> characters
>>> </errortext>
>>> </uploadcustomcertificateresponse>
>>>
>>>
>>> Any advice is greatly appreciated, since 30 Sep is just another 3 days...
>>>
>>>
>>> On Sat, Sep 27, 2014 at 11:21 PM, Indra Pramana <indra@sg.or.id> wrote:
>>>
>>>> Hi Amogh,
>>>>
>>>> I tried again tonight, still the same. Not too sure why, is it
>>>> something wrong with the certificate? But I have confirmed that it's the
>>>> correct root certificate from my CA.
>>>>
>>>> Any other advice?
>>>>
>>>> Looking forward to your reply, thank you.
>>>>
>>>> Cheers.
>>>>
>>>> On Tue, Sep 23, 2014 at 12:56 AM, Amogh Vasekar <
>>>> amogh.vasekar@citrix.com> wrote:
>>>>
>>>>> Can you try using http://meyerweb.com/eric/tools/dencoder/
>>>>>
>>>>> Amogh
>>>>>
>>>>> On 9/22/14 4:36 AM, "Indra Pramana" <indra@sg.or.id> wrote:
>>>>>
>>>>> >Dear all,
>>>>> >
>>>>> >I am following the instruction on this documentation to replace
>>>>> >realhostip.com with my own domain.
>>>>> >
>>>>> >
>>>>> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Procedure+to+Replac
>>>>> >e+realhostip.com+with+Your+Own+Domain+Name
>>>>> >
>>>>> >Everything is fine until I need to upload the root certificate via
>>>>> API. I
>>>>> >have URL-encoded the certificate using online URL encoder tool such
>>>>> as:
>>>>> >
>>>>> >http://www.url-encode-decode.com/
>>>>> >
>>>>> >However, when I run the API command, the certificate is rejected,
>>>>> saying
>>>>> >that it contains illegal ASCII non-printable characters:
>>>>> >
>>>>> >for parameter certificate is invalid, contains illegal ASCII
>>>>> non-printable
>>>>> >characters
>>>>> >
>>>>> >I have ensured and verified that it only contains generic ASCII text
>>>>> >format, no space, symbol etc. Tried using UTF-8, US-ASCII format
while
>>>>> >encoding, but still cannot work.
>>>>> >
>>>>> >Any advice is greatly appreciated.
>>>>> >
>>>>> >Looking forward to your reply, thank you.
>>>>> >
>>>>> >Cheers.
>>>>>
>>>>>
>>>>
>>>
>>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message