Hi, The commit below actually ensures parity between API and UI calls, in absence of which API calls will fail. Additionally, without it POST calls will fail. Please do send a note in case reverting part of the commit.
I believe Saksham has removed the double decoding for the API, which seems the right fix. Thanks, Amogh On 6/5/14 8:44 AM, "Wei ZHOU" <ustcweiz...@gmail.com> wrote: >To make it works on UI, I suggest to revert part of source code in this >commit >https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=commitdiff;h=b8 >a1cbe;hp=beb26237bceabfc3ebeae57431f9affb21d041e5 > >-Wei > > >2014-06-05 16:23 GMT+02:00 Saksham Srivastava ><saksham.srivast...@citrix.com >>: > >> Syed, >> >> The certificate in the mentioned call is already UTF-8 encoded of the >>raw >> plain-text certificate. >> To make the api work I had to doubly encode the cert and key . >> >> I guess it will be good to have this mentioned in the FS/docs as there >>is >> no UI for this and also a sample api call can help a lot. >> >> Thanks, >> Saksham >> >> -----Original Message----- >> From: Syed Ahmed [mailto:sah...@cloudops.com] >> Sent: Thursday, June 5, 2014 6:23 AM >> To: Saksham Srivastava >> Cc: Vijay Venkatachalam; dev@cloudstack.apache.org >> Subject: Re: Unable to upload SSL certificate >> >> Can you try to encode the certificate before passing it as the param? >> >> -Syed >> >> On Wed 04 Jun 2014 09:01:19 AM EDT, Saksham Srivastava wrote: >> > Adding Syed, >> > >> > I debugged the issue and here are my findings: >> > >> > The api is failing at CertServiceimpl: parseCertificate() >> > >> > return (Certificate) certPem.readObject(); >> > >> > readObject method is failing. >> > >> > I tried to use the certificate used in the test >> > runUploadSslCertSelfSignedWithPassword and other tests in >> CertServiceTest.java The following is the api call: >> > >> > http://10.x.x.x:8096/client/api?command=uploadSslCert&certificate=---- >> > -BEGIN+CERTIFICATE-----%0AMIIDBjCCAe4CCQD5Q6qF5dVV0jANBgkqhkiG9w0BAQUF >> > ADBFMQswCQYDVQQGEwJB%0AVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW5 >> > 0ZXJuZXQgV2lkZ2l0%0AcyBQdHkgTHRkMB4XDTEzMTAyMTEzNTgwNFoXDTE0MTAyMTEzNT >> > gwNFowRTELMAkG%0AA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMG >> > EludGVybmV0%0AIFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC >> > AQoCggEB%0AAN%2F7lJtiEs68IC1ZPxY9NA34z9T4AU4LPS%2FkbQtuxx4X72XOBy%2By0 >> > cB%2FqdMD7JNV%0Ah8Mq4URDljhSDyVPdH%2F%2BjQr%2B7kWx2gNe2R%2FDCnd%2FmeVw >> > wU30JJvpGVZXt%2BMTef5N%0AQAbSfDMsuT4FaUY80InbDd24HelrjwunPdY9wwKXO6zL2 >> > fLjyDRediiydxcx18Vb%0ADq1cm7DRi4mNkmA3RwBQMhxGp3VsfXJ4Hy2WTRCCCxWHZphA >> > h3EUJGK3idum6%2F7j%0AHbAwpM%2Ft1kNWN8PZiYDZ1HbccgjmqB7Cub10BfB9g1RByiQ >> > %2FC87o5cKtQha3uuXR%0AiBcHISoDydQrgxKgUpiqEF0CAwEAATANBgkqhkiG9w0BAQUF >> > AAOCAQEASvulIaVb%0Azh8z2TysE6RFoYTAYIRXghFrmqCUyyQmUVTvs6vN8iaSXr%2BWM >> > QJcpgXewWcFrDhr%0AmIcyRCvF91ZYb7q6lMZFSpE6u%2FSUGIEtxGUDAfbkbQdKYmrMcb >> > ggUUIvSzgUFisO%0A >> >> >>Kr0H9PEO4AWtCCrtOJFc7jgu03Sv06wDxn9ghkyiBRnVkbAhoKfKnI179yKruJWR%0AA3ieEj >>0eFoUbeSH8hDkToj4ynpkAvEGoHjHG9j%2B8FJxy%2FPTjkyVPl1ykTs%2B2Jc1B%0ASnx8f2 >>afdTenPWyyBm3wFuRZjEAJJLUO0kxM7E8hAwhGsr%2BXYanwcr1oA1dz6M3f%0Acq26lpjTH5 >>ITwQ%3D%3D%0A-----END+CERTIFICATE-----%0A&privatekey=-----BEGIN+RSA+PRIVA >>TE+KEY-----%0AProc-Type%3A+4%2CENCRYPTED%0ADEK-Info%3A+DES-EDE3-CBC%2CCCA >>6E4CB4C4039DD%0A%0ATaVCJtB0dE9xTZbX7GOaGJwwGHVAMjU1GbRIHf0jODdP%2BquZvbjk >>lNqsw8Ozlia9%0Aq%2FG%2BUqtRJGlIPPLpce0YCrTo0P3eixZdMs0%2BhioAEJ4OLtL0SAC6 >>b8q%2FgB6HRfAx%0ABvNg%2BumTqeF9YB68Tcuv%2F2g4VGKiaePQACyOzMdf7lGY7ojxoJCY >>Za1mfKb7jWrg%0AFLwmTtLLhNjb6CnOKo3klIef3A6zdutpgxF1gARzdRyXg4qCA3boYnwEpt >>TOlJFu%0AovxbhDG9iuYYr4gXYSs1pLYptEC8J6iWpG%2Fqzkwfr4l5Cfg5uF00bbxQE5%2BW >>eRaj%0AYFicvXjB%2FkcoFZuCL7M%2FYRXYxkJ%2FEZ19xI9HZNBQ4L738StkSBKL4OhpF%2F >>qgYZ2y%0AZLRV6XT4AijUA0Ef7YTuUsTL7Qt9drj09gCtAzXTA7gpZBn5SqT9kWhuwSzY302l >>%0AKF8DIC6A52igk2QKPLbleM%2FV8eCu6n%2BJ4uF%2B0GwVRROuG7ThxAQiUlJKhoEYrndL >>%0AnzT7jHVLftjilhVWFu2On62bRf5t1QZuob%2B1AdK0ukvEI >> >> >>VsYnN4bnlAkc99Wi6C0%0AZJd9qW5L4A9XAC2gcjr3m0Rzw3RO%2Bk17faR8YfmTuJvGyBf5f >>nrSFoNkrninXQXp%0Ask0ajRi4PJ4XTswLyxjWRSt3egNsZBSKnVCibca%2FQoDEdZHSKXo2F >>lYiUYx8JHQX%0ASPUsLl9OQKC1W8%2F%2BReryqBLHCkiGEsvT8gVaXga0uhVaqe%2BPaVur2 >>tbOHl4yCysC%0A%2BZlnKwsC84LQsUvpENdCh%2BD7E1I1Rao9IJMR6q9azKq8Ck63cOJ1fA9 >>xSnxJGoCA%0AIlGLttlXrR32EtzYwEnlqf1nI%2FIqNQrAXQKrP5VPzHsgMFu5uD4OEZa92Q5 >>cVTsz%0Aap%2F1UEqiJVYUt6nuA%2BaqOUlyjC0oNtYL%2FVO4DbHTFcHa8SI2cPSS6ebPMWP >>GHjUm%0Al9bWa6Q9iyplCYS6hinAVsAaLVjPi1Eu9Pc8rxFCmoiJYJju5NZuGI5UBK64dqcX% >>0AT6trWl0kB8QY63JtnrZaoStoSPImV5KVseUKDV8TM3Y76h1nLV3MSmAD1ivk9oKs%0AVKeV >>rDhZBWUq9Dqre%2F%2BlVGO0a2wo5VTR8hfpf8QkODPLeyNZNdfGKzkkFLuXa8V5%0AELhLQJ >>3FnbEU3NEvMwikV9MhP%2FELPTkZwJr%2FNKv%2B9JLs9eXtwz29I%2FQ8byQVrCCs%0AhAuD >>l0zHGRnqdpdSImeS2EXGx631zGMwSe8fhKelni5h6hXrXz52asr0k30BxWjf%0AWUn1uTInwV >>jWGy9B5j3mZlVDotFbvVAZgtR0IoFwihPl4VZd9oS13l%2BhMfrTy1YZ%0A8xFNg8ZqUQ0lSm >>KfOVqSBT0lP8tM8LuGxgY4cWluhsAQxR5Nl7wkundnqjcwEDDu%0AJz2rD54St1EZYGLDJZSf >>C7mpG2PgodsdeopQCTyFhHWa8s3caZ40GFOwaR%2B%2F5%2BYF >> >> >>%0A1oRvkR1Yr4qIS7KbX4xsaFfAA5b8QfLA74L05PAgDwKofam2GFAlAKHOcI6mexPq%0AayS >>ON9MNdnXBNxs16mBJLzCX5ljQb0ilJildVEI3aVmABptM4ehEiw%3D%3D%0A-----END+RSA+ >>PRIVATE+KEY-----%0A&password=test >> > >> > and the api fails with "Invalid Certificate format. Expected X509 >> certificate" >> > >> > Since all the tests pass, I am assuming a problem with the api >>encoding >> format. >> > Can someone point to a working api call for the same. >> > >> > Thanks, >> > Saksham >> > >> > >> > -----Original Message----- >> > From: Sujaya Maiyya (Intern) [mailto:sujaya.mai...@citrix.com] >> > Sent: Tuesday, June 3, 2014 2:36 PM >> > To: dev@cloudstack.apache.org >> > Cc: Vijay Venkatachalam >> > Subject: Unable to upload SSL certificate >> > >> > Hi, >> > I am trying to upload an SSL certificate to Cloudstack using >> uploadSslCert API since 4.3 version does not have UI support for the >>same. >> And I am getting following exception: >> > Invalid Certificate format. Expected X509 certificate >> > >> > The certificate, private key and certificate-chain are URL encoded and >> sent to the Cloudstack using a GET on 8096 port. On debugging, it was >>found >> that some characters were missing from certificate after it was decoded >> from the URL which is the cause of the exception. >> > >> > I am unable to figure out the reason, so can you please throw some >>light >> on why are some characters missing after decoding the certificate from >>the >> URL? >> > >> > Thank you, >> > Sujaya >> > >> >> >>
