Hmm, that's not so good. Regards
Paul Angus Cloud Architect S: +44 20 3603 0540 | M: +447711418784 | T: CloudyAngus paul.an...@shapeblue.com -----Original Message----- From: John Kinsella [mailto:j...@stratosec.co] Sent: 05 March 2014 18:47 To: dev@cloudstack.apache.org Subject: Re: [DISCUSS] realhostip.com going away It’s not. On Mar 5, 2014, at 1:48 AM, Erik Weber <terbol...@gmail.com<mailto:terbol...@gmail.com>> wrote: How is security being handled in HTTP mode? -- Erik On Wed, Mar 5, 2014 at 2:43 AM, Amogh Vasekar <amogh.vase...@citrix.com<mailto:amogh.vase...@citrix.com>>wrote: Hello, I have created a review request at : https://reviews.apache.org/r/18759/ that partially address the issue. It has a link to the wiki describing the changes in detail. Thanks, Amogh On 3/3/14 8:58 AM, "John Kinsella" <j...@stratosec.co<mailto:j...@stratosec.co>> wrote: I talked with some of the Citrix folk over the weekendŠtheir position is they think they¹d be doing the community a disfavor by passing the torch, so-to-speak, and I agree with them [1]. >From what I understand, the patches that are going to be proposed will remove >HTTPS completely and encrypt over http. That said, I haven¹t seen anything >yet, so until we see something we¹re guessing. I¹m waiting a few more days to >see what¹s proposed. John 1: I¹m sharing conversations with individuals, so take this as hearsay not official comment from Citrix. On Mar 2, 2014, at 8:15 AM, Paul Angus <paul.an...@shapeblue.com<mailto:paul.an...@shapeblue.com><mailto:paul.an...@shapeblue.com>> wrote: There are a few issues with the current console proxy setup, not least of which is the need to have internet access to resolve realhostip.com<http://realhostip.com><http://realhostip.com> in the first place - so console proxy can't work if you don't have internet access on your client. I have configured alternative realhostip.com<http://realhostip.com><http://realhostip.com> setups for clients - and quite a lot of work goes into creating the infrastructure (and certs) to support changing to a user managed certificate. Sooo, is it at all possible to secure communications with the console proxy, without having to rely on ANY outside entity? Testing alone is going to be a pain, if a full ssl cert setup is required to use console proxy.. Regards Paul Angus Cloud Architect S: +44 20 3603 0540 | M: +447711418784 | T: CloudyAngus paul.an...@shapeblue.com<mailto:paul.an...@shapeblue.com><mailto:paul.an...@shapeblue.com> -----Original Message----- From: Amogh Vasekar [mailto:amogh.vase...@citrix.com] Sent: 28 February 2014 23:05 To: dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org> Subject: Re: [DISCUSS] realhostip.com<http://realhostip.com> going away On 2/28/14 2:03 PM, "Nux!" <n...@li.nux.ro<mailto:n...@li.nux.ro>> wrote: There's also the problem of the certificate. It comes bundled in ACS as far as I can tell.. When does it expire? notBefore=Feb 3 03:30:40 2012 GMT notAfter=Feb 7 05:11:23 2017 GMT Need Enterprise Grade Support for Apache CloudStack? Our CloudStack Infrastructure Support<http://shapeblue.com/cloudstack-infrastructure-support/> offers the best 24/7 SLA for CloudStack Environments. Apache CloudStack Bootcamp training courses **NEW!** CloudStack 4.2.1 training<http://shapeblue.com/cloudstack-training/> 18th-19th February 2014, Brazil. Classroom<http://shapeblue.com/cloudstack-training/> 17th-23rd March 2014, Region A. Instructor led, On-line<http://shapeblue.com/cloudstack-training/> 24th-28th March 2014, Region B. Instructor led, On-line<http://shapeblue.com/cloudstack-training/> 16th-20th June 2014, Region A. Instructor led, On-line<http://shapeblue.com/cloudstack-training/> 23rd-27th June 2014, Region B. Instructor led, On-line<http://shapeblue.com/cloudstack-training/> This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark. Stratosec<http://stratosec.co/> - Compliance as a Service o: 415.315.9385 @johnlkinsella<http://twitter.com/johnlkinsella> Stratosec<http://stratosec.co/> - Compliance as a Service o: 415.315.9385 @johnlkinsella<http://twitter.com/johnlkinsella> This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
