cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrija Panic <andrija.pa...@gmail.com>
Subject Re: {HELP-NEEDED] Replace Root CA etc, for CPVM and SSVM
Date Tue, 07 Apr 2015 17:01:38 GMT
ok, I'm on 4.3.2, so there is only UI field for cert, key and
domainname.... so no field for i.e. password, as the key would have to been
decrypted sometimes if it is encrypted.

My possible problem - I see both old intermediate1 cert and the new
intermediate1 cert in database, but only 1 ROOT CA (might have been - I
used the same name so odl ROOT CA was overwriten)

Main CERT and the key looks fine in database...


On 7 April 2015 at 18:59, Erik Weber <terbolous@gmail.com> wrote:

> Your private key is decrypted, my issue was that it should've been
> encrypted.
>
> However, that could be 4.5 specific. You'll get an exception if you
> encounter the same.
>
>
> Erik
>
> Den tirsdag 7. april 2015 skrev Andrija Panic <andrija.panic@gmail.com>
> følgende:
>
> > Thx Erik,
> >
> > per my understanding, private key needs to be DEcrypted, and uploaded
> > through UI... ?
> >
> > On 7 April 2015 at 18:48, Erik Weber <terbolous@gmail.com
> <javascript:;>>
> > wrote:
> >
> > > Also, take a backup first, then remove the realhostip occurence and set
> > seq
> > > to 0 for your cert.
> > >
> > > Erik
> > >
> > > Den tirsdag 7. april 2015 skrev Erik Weber <terbolous@gmail.com
> > <javascript:;>> følgende:
> > >
> > > > Nothing in the logs?
> > > >
> > > > I had an issue where the private key wasn't being encrypted and had
> to
> > > fix
> > > > it by encrypting manually. But I also had could not decrypt
> exceptions
> > in
> > > > the logs.
> > > >
> > > > Erik
> > > >
> > > > Den tirsdag 7. april 2015 skrev Andrija Panic <
> andrija.panic@gmail.com
> > <javascript:;>
> > > > <javascript:_e(%7B%7D,'cvml','andrija.panic@gmail.com
> <javascript:;>');>>
> > følgende:
> > > >
> > > >> Hi guys,
> > > >>
> > > >> our SSL just expired, and I needed to upload new ROOT CA,
> Intemediata
> > > ROOT
> > > >> CA, and at the end SSL for sever and a private key.
> > > >>
> > > >> I uploaded new ROOT CA, and after CPVM rebooted, also uploaded
> > > >> Intermediate
> > > >> ROOT CA, via API, with URL encoded stuff - checked in database all
> > seems
> > > >> OK.
> > > >>
> > > >> But after uploading new SSL and private key, destroyed CPVM and
> SSVM -
> > > my
> > > >> Console Proxy shows *.realiphost.com as the domain for the SSL
> wjen I
> > > >> access
> > > >>
> > > >> Any clues what I did wrong ?
> > > >> Should I have somehow removed first old ROOT CA and old Intermediate
> > CA,
> > > >> and upload new ones ?
> > > >>
> > > >> Here is database content from cloud.keystore:
> > > >> http://snag.gy/LMA4h.jpg
> > > >>
> > > >> This means that for some reason, original realiphost.com SSL is now
> > > used
> > > >> inside CPVM...
> > > >>
> > > >> Any help greatly appreciated, since this is live system...
> > > >>
> > > >> Thanks,
> > > >>
> > > >>
> > > >>
> > > >> --
> > > >>
> > > >> Andrija Panić
> > > >>
> > > >
> > >
> >
> >
> >
> > --
> >
> > Andrija Panić
> >
>



-- 

Andrija Panić

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message