We traced back the issue to:
commit de448ec4792eda5b47d79b26e9cb8ce96a2b22f4
Author: Wei Zhou <w.z...@leaseweb.com>
Date: Thu Nov 7 11:09:06 2013 +0100
CLOUDSTACK-5042: change cloud.keystore to
cloudmanagementserver.keystore and install it
This commit only modify the keystore name, but remain the real place to use
the keystore unchangd. It would make cloudstack fail to found the keystore
when "cloud.keystore" not existed, thus involve in fail-safe keystore kick
in.
We're working on fix it.
--Sheng
On Thu, Apr 10, 2014 at 9:27 AM, Michael Phillips
<mphilli7...@hotmail.com>wrote:
> I created a bug report for this.
> https://issues.apache.org/jira/browse/CLOUDSTACK-6378
>
> > From: prashanthreddy.mand...@citrix.com
> > To: dev@cloudstack.apache.org
> > Subject: RE: cloudmanagementserver.keystore
> > Date: Tue, 8 Apr 2014 05:49:49 +0000
> >
> > I have seen this issue on fresh installation of 4.3.
> >
> > Snippet of the log from my setup
> >
> > "2014-04-07 08:00:09,295 INFO [c.c.s.ConfigurationServerImpl]
> (main:null) SSL keystore located at
> /etc/cloudstack/management/cloudmanagementserver.keystore
> > 2014-04-07 08:00:09,304 DEBUG [c.c.u.s.Script] (main:null) Executing:
> sudo keytool -genkey -keystore
> /etc/cloudstack/management/cloudmanagementserver.keystore -storepass
> vmops.com -keypass vmops.com -keyalg RSA -validity 3650 -dname
> cn="Cloudstack User",ou="repro. cloud.internal",o="repro.
> cloud.internal",c="Unknown"
> > 2014-04-07 08:00:09,438 DEBUG [c.c.u.s.Script] (main:null) Exit value is
> 1
> > 2014-04-07 08:00:09,441 DEBUG [c.c.u.s.Script] (main:null) sudo: no tty
> present and no askpass program specified
> > 2014-04-07 08:00:09,445 WARN [c.c.s.ConfigurationServerImpl]
> (main:null) Would use fail-safe keystore to continue.
> > java.io.IOException: Fail to generate certificate!: sudo: no tty present
> and no askpass program specified"
> >
> >
> > Thanks,
> > Prashanth
> >
> > -----Original Message-----
> > From: Michael Phillips [mailto:mphilli7...@hotmail.com]
> > Sent: Tuesday, April 08, 2014 9:27 AM
> > To: dev@cloudstack.apache.org
> > Subject: cloudmanagementserver.keystore
> >
> > I know this was a problem in 4.2.1 in which the system would endlessly
> log the following error:
> > 014-04-07 22:29:29,715 WARN [c.c.u.n.Link] (AgentManager-Selector:null)
> SSL: Fail to find the generated keystore. Loading fail-safe one to continue.
> > The fix was to rename
> /etc/cloudstack/management/cloudmanagementserver.keystore, to
> cloud.keystore then restart cloudstack.
> > I just installed 4.3.0 fresh, and it seems like this problem persists
> with a twist. The system now does not create any keystore file and logs the
> following 3 errors.
> > Executing: sudo keytool -genkey -keystore
> /etc/cloudstack/management/cloudmanagementserver.keystore -storepass
> vmops.com -keypass vmops.com -keyalg RSA -validity 3650 -dname
> cn="Cloudstack
> User",ou="ustxdalcstackwebp1.cloudagy.local",o="ustxdalcstackwebp1.cloudagy.local",c="Unknown"
> 2014-04-07 21:31:53,610 DEBUG [c.c.u.s.Script] (main:null) Exit value is
> 12014-04-07 21:31:53,610 DEBUG [c.c.u.s.Script] (main:null) sudo: no tty
> present and no askpass program specified My fix was to run the above
> command "keytool..." from the command line, then rename the file to
> cloud.keystore. Once I did that it stopped logging the "SSL: Fail to find
> the generated keystore" errors. Can anyone else confirm they saw this
> behavior in 4.3.0? If so I can make a bug report in JIRA..
> >
>
>
