cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cs user <>
Subject Re: 4.5.1 - SSVM Cert issues
Date Fri, 31 Jul 2015 10:37:39 GMT
Hi There,

The url's that are being generated are of the form:

Which all looks fine.

The secstorage.ssl.cert.domain parmater is set to *

>From the ssvm I ran the following:

openssl s_client -connect

Which then seemed to complain about the root cert. I guess the provider we
have used does not have it's trusted root cert in the new ssvm template.

Perhaps a consequence of the move to java7 within the templates?

As I say, this all worked fine in 4.3.

So either we have to load this cert in every time we launch a fresh ssvm,
or we somehow build our own ssvm template with the root cert baked into the

When you add a new cert to the environment, does it push the root cert to
the ssvm? Has it ever been possible to use a self signed cert?


On Fri, Jul 31, 2015 at 10:34 AM, Thomas Moroder <>

> We are hitting an issue very similar to the below when trying to copy
>> templates between zones:
>> We are using our own wildcard cert for this parameter:
>> secstorage.ssl.cert.domain
>> We weren't having any issues when using 4.3. Has anyone run into this?
> I guess the certificate controls are more strict. Are you sure your
> wildcard certificate is for *.ssl.cert.domain and not *.cert.domain?
> Subdomains are not included in the wildcard-certificate.
> Sincerely,
> Thomas Moroder
> --
> Incubatec GmbH - Srl
> Via Scurcia'str. 36, 39046 Ortisei(BZ), ITALIA
> Registered with the chamber of commerce of Bolzano the 8th of November
> 2001 with
> REA-No. 168204 (s.c. of EUR 10.000 f.p.u.)
> President: Thomas Moroder, VAT-No. IT 02283140214
> Tel: +39.0471796829 - Fax: +39.0471797949

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message