Thanks, Rajani. I'll try to test those vars. Just to sum up: * secstorage.ssl.cert.domain * SSL certificate used to encrypt copy traffic between zones
not very obvious and useful description for someone who tries to figure out the problem. 2018-08-23 13:37 GMT+07:00 Rajani Karuturi <raj...@apache.org>: > Check the values of secstorage.encrypt.copy, secstorsge.ssl.cert.domain > > https://cwiki.apache.org/confluence/display/CLOUDSTACK/ > Procedure+to+Replace+realhostip.com+with+Your+Own+Domain+Name > has more info > > ~Rajani > > Sent from phone. > > On Thu, 23 Aug 2018, 11:57 am Ivan Kudryavtsev, <kudryavtsev...@bw-sw.com> > wrote: > > > Yes, but API returns https://<ip>/<hash>, not > > https://1-2-3-4.dns.zone/hash. > > That is what I'm talking about, at least it works for my 4.11.1 > deployment, > > while CPVM works just fine with https://1-2-3-4.dns.zone/ > > > > 2018-08-23 13:24 GMT+07:00 Rajani Karuturi <raj...@apache.org>: > > > > > The same CPVM type URL also works for SSVM. You could also add Https > > > exception in browser to test it out. > > > > > > Check FS at > > > > > https://cwiki.apache.org/confluence/pages/viewpage. > action?pageId=39620237 > > > for more details. > > > > > > ~Rajani > > > > > > Sent from phone. > > > > > > On Thu, 23 Aug 2018, 10:25 am Ivan Kudryavtsev, < > > kudryavtsev...@bw-sw.com> > > > wrote: > > > > > > > Hello, devs. > > > > > > > > Today I investigated how ACS handles file uploads. I thought there > is a > > > > Jetty-based implementation, but it looks like they are managed thru > > SSVM > > > by > > > > requesting unique upload URL and so on and so forth. > > > > > > > > By design, it's good, despite that the URL which returned by an API > > > > includes https://IP/<token> schema, where SSL is related to *. > > realip.com > > > > and as a result, nothing really works in a browser without playing > with > > > > certs. > > > > > > > > I know that CPVM uses 1-2-3-4.domain.com URL and works great with > > > > real-life > > > > SSLs, no idea why SSVM doesn't act the same way. > > > > > > > > Personally, I don't use direct uploading, but you know the users. > They > > > find > > > > it very attractive and easy rather than managing thru external > > HTTP/HTTPS > > > > servers. > > > > > > > > So, basically, the feature doesn't work for real-life deployments. > > > > > > > > -- > > > > With best regards, Ivan Kudryavtsev > > > > Bitworks LLC > > > > Cell: +7-923-414-1515 > > > > WWW: http://bitworks.software/ <http://bw-sw.com/> > > > > > > > > > > > > > > > -- > > With best regards, Ivan Kudryavtsev > > Bitworks LLC > > Cell: +7-923-414-1515 > > WWW: http://bitworks.software/ <http://bw-sw.com/> > > > -- With best regards, Ivan Kudryavtsev Bitworks LLC Cell: +7-923-414-1515 WWW: http://bitworks.software/ <http://bw-sw.com/>
