cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rohit Yadav <rohit.ya...@shapeblue.com>
Subject Re: HTTPS Broken with 4.14
Date Wed, 01 Jul 2020 07:28:56 GMT
Hi Vincent,

We'll need to investigate deeper as it could be a regression/backend issue, can you log your
issue here:
https://github.com/apache/cloudstack/issues

Thanks.


Regards.

________________________________
From: Vincent Hermes <vincenthermes2072@gmail.com>
Sent: Monday, June 29, 2020 15:50
To: users@cloudstack.apache.org <users@cloudstack.apache.org>
Subject: Re: HTTPS Broken with 4.14

Hi Rohit,

keytool -list -keystore /etc/cloudstack/management/keystore.pkcs12 (Password same as in server.properties
and works)
--------------------
Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 1 entry

1, 11 Dec 2019, PrivateKeyEntry,
Certificate fingerprint (SHA-256): xx:xx:xx:xx...etc
--------------------

Converted pkcs12 to jks via "keytool -importkeystore -srckeystore combined.pkcs12 -destkeystore
combined.jks -deststoretype jks" (I renamed the copy of keystore.pkcs12 to "combined.pkcs12")
Choose same password, output ok
Changed server.properties to https.keystore=/etc/cloudstack/management/combined.jks
-> Management-Server behaviour is the same
--------------------
Logs regarding keystore:
2020-06-29 12:01:02,052 INFO  [o.e.j.s.h.ContextHandler] (main:null) (logid:) Started o.e.j.w.WebAppContext@311bf055{/client,file:///usr/share/cloudstack-management/webapp/,AVAILABLE}{/usr/share/cloudstack-management/webapp}
2020-06-29 12:01:02,053 INFO  [o.e.j.s.h.ContextHandler] (main:null) (logid:) Started o.e.j.s.h.MovedContextHandler@451001e5{/,null,AVAILABLE}
2020-06-29 12:01:02,076 INFO  [o.e.j.s.AbstractConnector] (main:null) (logid:) Started ServerConnector@6f46426d{HTTP/1.1,[http/1.1]}{0.0.0.0:8080}
2020-06-29 12:01:02,090 INFO  [o.e.j.u.s.SslContextFactory] (main:null) (logid:) x509=X509@25c6abfa(1,h=[our
acual domain name],w=[our domain name again]) for SslContextFactory@4991c0f7[provider=null,keyStore=file:///etc/cloudstack/management/combined.jks,trustStore=null]
--------------------

Management Server is listening on 8080 and 8443, though it only says tcp6 for some reason:
tcp6       3      0 :::8443                 :::*                    LISTEN
tcp6       0      0 :::8080                 :::*                    LISTEN

I removed IPv6 config from the network scripts but it remains. IPv4 on 8080 is working anyway.

Is there anything strange here?

Regards
Vincent


rohit.yadav@shapeblue.comĀ 
www.shapeblue.com
3 London Bridge Street,  3rd floor, News Building, London  SE1 9SGUK
@shapeblue
  
 

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message