RE: Regarding the ssl key store change

Mon, 11 Nov 2013 00:42:26 -0800 

Hi Sheng,

Yes.

AFAIU, client/tomcatconf/cloudmanagementserver.keystore.in should be installed 
by default, right?

If we do not need install cloudmanagementserver.keystore.in in the 
installation, the following patch can solve it.



diff --git a/debian/cloudstack-management.install 
b/debian/cloudstack-management.install
index f06ab86..ea3f93b 100644
--- a/debian/cloudstack-management.install
+++ b/debian/cloudstack-management.install
@@ -17,7 +17,6 @@

/etc/cloudstack/management/catalina.policy
/etc/cloudstack/management/catalina.properties
-/etc/cloudstack/management/cloudmanagementserver.keystore
/etc/cloudstack/management/logging.properties
/etc/cloudstack/management/commands.properties
/etc/cloudstack/management/ehcache.xml
diff --git a/packaging/centos63/cloud.spec b/packaging/centos63/cloud.spec
index cd6ff4b..893628d 100644
--- a/packaging/centos63/cloud.spec
+++ b/packaging/centos63/cloud.spec
@@ -252,7 +252,7 @@ rm -rf 
${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/webapps/client/WEB-INF/cl
rm -rf 
${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/webapps/client/WEB-INF/classes/vms

for name in db.properties log4j-cloud.xml tomcat6-nonssl.conf tomcat6-ssl.conf 
server-ssl.xml server-nonssl.xml \
-            catalina.policy catalina.properties classpath.conf 
tomcat-users.xml web.xml environment.properties cloudmanagementserver.keystore 
; do
+            catalina.policy catalina.properties classpath.conf 
tomcat-users.xml web.xml environment.properties ; do
   mv 
${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/webapps/client/WEB-INF/classes/$name
 \
     ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/management/$name
done
@@ -451,7 +451,6 @@ else
fi

if [ -f "%{_sysconfdir}/cloud.rpmsave/management/cloud.keystore" ]; then
-    mv %{_sysconfdir}/%{name}/management/cloudmanagementserver.keystore 
%{_sysconfdir}/%{name}/management/cloudmanagementserver.keystore.rpmnew
     cp -p %{_sysconfdir}/cloud.rpmsave/management/cloud.keystore 
%{_sysconfdir}/%{name}/management/cloudmanagementserver.keystore
     # make sure we only do this on the first install of this RPM, don't want 
to overwrite on a reinstall
     mv %{_sysconfdir}/cloud.rpmsave/management/cloud.keystore 
%{_sysconfdir}/cloud.rpmsave/management/cloud.keystore.rpmsave
@@ -546,7 +545,6 @@ fi
%config(noreplace) %{_sysconfdir}/%{name}/management/cloud-bridge.properties
%config(noreplace) %{_sysconfdir}/%{name}/management/commons-logging.properties
%config(noreplace) %{_sysconfdir}/%{name}/management/ec2-service.properties
-%config(noreplace) 
%{_sysconfdir}/%{name}/management/cloudmanagementserver.keystore
%attr(0755,root,root) %{_initrddir}/%{name}-management
%attr(0755,root,root) %{_bindir}/%{name}-setup-management
%attr(0755,root,root) %{_bindir}/%{name}-update-xenserver-licenses


Kind Regards,

Wei ZHOU
Innovation Engineer Cloud, LeaseWeb B.V.
w.z...@leaseweb.com<mailto:w.z...@leaseweb.com>

From: Sheng Yang [mailto:sh...@yasker.org]
Sent: 09 November 2013 01:27
To: Wei Zhou; <dev@cloudstack.apache.org>
Subject: Regarding the ssl key store change

Hi Wei,

I found this change in the MASTER.

commit 57ba367f3c985e80ea1b34267e298b481a353298
Author: Wei Zhou <w.z...@leaseweb.com<mailto:w.z...@leaseweb.com>>
Date:   Thu Nov 7 11:09:06 2013 +0100

    CLOUDSTACK-5042: change cloud.keystore to cloudmanagementserver.keystore 
and install it (cherry picked from commit 
de448ec4792eda5b47d79b26e9cb8ce96a2b22f4)

IIUC, this would means there is no SSL keystore generation for the new 
management servers? That doesn't sound right...

--Sheng

Reply via email to