Hello, I have created a review request at : https://reviews.apache.org/r/18759/ that partially address the issue. It has a link to the wiki describing the changes in detail.
Thanks, Amogh On 3/3/14 8:58 AM, "John Kinsella" <j...@stratosec.co> wrote: >I talked with some of the Citrix folk over the weekendŠtheir position is >they think they¹d be doing the community a disfavor by passing the torch, >so-to-speak, and I agree with them [1]. > >From what I understand, the patches that are going to be proposed will >remove HTTPS completely and encrypt over http. That said, I haven¹t seen >anything yet, so until we see something we¹re guessing. I¹m waiting a few >more days to see what¹s proposed. > >John >1: I¹m sharing conversations with individuals, so take this as hearsay >not official comment from Citrix. > >On Mar 2, 2014, at 8:15 AM, Paul Angus ><paul.an...@shapeblue.com<mailto:paul.an...@shapeblue.com>> wrote: > >There are a few issues with the current console proxy setup, not least of >which is the need to have internet access to resolve >realhostip.com<http://realhostip.com> in the first place - so console >proxy can't work if you don't have internet access on your client. I >have configured alternative realhostip.com<http://realhostip.com> setups >for clients - and quite a lot of work goes into creating the >infrastructure (and certs) to support changing to a user managed >certificate. > >Sooo, is it at all possible to secure communications with the console >proxy, without having to rely on ANY outside entity? > >Testing alone is going to be a pain, if a full ssl cert setup is required >to use console proxy.. > >Regards > >Paul Angus >Cloud Architect >S: +44 20 3603 0540 | M: +447711418784 | T: CloudyAngus >paul.an...@shapeblue.com<mailto:paul.an...@shapeblue.com> > >-----Original Message----- >From: Amogh Vasekar [mailto:amogh.vase...@citrix.com] >Sent: 28 February 2014 23:05 >To: dev@cloudstack.apache.org >Subject: Re: [DISCUSS] realhostip.com going away > > > >On 2/28/14 2:03 PM, "Nux!" <n...@li.nux.ro> wrote: > >There's also the problem of the certificate. It comes bundled in ACS as >far as I can tell.. When does it expire? > >notBefore=Feb 3 03:30:40 2012 GMT >notAfter=Feb 7 05:11:23 2017 GMT > >Need Enterprise Grade Support for Apache CloudStack? >Our CloudStack Infrastructure >Support<http://shapeblue.com/cloudstack-infrastructure-support/> offers >the best 24/7 SLA for CloudStack Environments. > >Apache CloudStack Bootcamp training courses > >**NEW!** CloudStack 4.2.1 >training<http://shapeblue.com/cloudstack-training/> >18th-19th February 2014, Brazil. >Classroom<http://shapeblue.com/cloudstack-training/> >17th-23rd March 2014, Region A. Instructor led, >On-line<http://shapeblue.com/cloudstack-training/> >24th-28th March 2014, Region B. Instructor led, >On-line<http://shapeblue.com/cloudstack-training/> >16th-20th June 2014, Region A. Instructor led, >On-line<http://shapeblue.com/cloudstack-training/> >23rd-27th June 2014, Region B. Instructor led, >On-line<http://shapeblue.com/cloudstack-training/> > >This email and any attachments to it may be confidential and are intended >solely for the use of the individual to whom it is addressed. Any views >or opinions expressed are solely those of the author and do not >necessarily represent those of Shape Blue Ltd or related companies. If >you are not the intended recipient of this email, you must neither take >any action based upon its contents, nor copy or show it to anyone. Please >contact the sender if you believe you have received this email in error. >Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue >Services India LLP is a company incorporated in India and is operated >under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is >a company incorporated in Brasil and is operated under license from Shape >Blue Ltd. ShapeBlue is a registered trademark. > >Stratosec<http://stratosec.co/> - Compliance as a Service >o: 415.315.9385 >@johnlkinsella<http://twitter.com/johnlkinsella> >
