Hi Sudhansu, that fix worked for me. thanks for your help.
Kind regards Benjamin > Sudhansu Sahu <[email protected]> hat am 17. Oktober 2017 um 10:03 > geschrieben: > > For realhostip.keystore the password is ‘vmops.com’. and for java keystore > the password is ‘changeit’. > > Thanks > Sudhansu Sahu > > On 10/17/17, 1:29 PM, "Benjamin Naber" <[email protected]> wrote: > > Hi Sudhansu, > > ty for the tip ! do you know the default password for the keystore on the > secondary storage vm ? > > Kind regards > > Benjamin > > > Sudhansu Sahu <[email protected]> hat am 17. Oktober 2017 um > > 06:25 geschrieben: > > > > In SSVM default java keystore is overriden by "realhostip.keystore" and > > does not have necessary certificates. > > > > Import all java cacerts to > > ‘/usr/local/cloud/systemvm/certs/realhostip.keystore’. > > > > keytool -importkeystore –srckeystore -destkeystore > > /usr/local/cloud/systemvm/certs/realhostip.keystore > > > > Thanks > > Sudhansu Sahu > > > > On 10/16/17, 9:25 PM, "Rafael Weingärtner" <[email protected]> > > wrote: > > > > Well, if everything is there, then you should not see this error of > > unable to build the certification path. > > > > Then, it would be a good idea to check which cacerts Java is using. > > > > On 10/16/2017 1:54 PM, Benjamin Naber wrote: > > > > > Hi Rafael, > > > > > > i exported the Keystore to textfile and checked fingerprints. > > > > > > root CAs also in the Keystore. > > > > > > Kind Regards > > > > > > Benjamin > > > > > > > Rafael Weingärtner <[email protected]> hat am 16. Oktober 2017 > > > > um 17:45 geschrieben: > > > > > > > > How did you check the certificates? Did you list and checked by name? Or > > > > by fingerprint? > > > > > > > > Also, did you check if the root CA was there as well? For instance, the > > > > Let's encrypt root CA is "DST Root CA X3" (the CA that signs let's > > > > encrypt CA's certificate) > > > > > > > > On 10/16/2017 1:42 PM, Benjamin Naber wrote: > > > > > > > > > Hi Rafael, > > > > > > > > > > ive allready checked the Java Keystore. All Certificates are included. > > > > > > > > > > Im using ACS 4.10 > > > > > > > > > > Kind Regards > > > > > > > > > > Benjamin > > > > > > > > > > > Benjamin Naber <[email protected]> hat am 16. Oktober > > > > > > 2017 um 17:26 geschrieben: > > > > > > > > > > > > Hi Rafael, > > > > > > > > > > > > Currently no ssl Backlund works. Also COMODO Certificates don't > > > > > > work. > > > > > > > > > > > > Kind Regards > > > > > > > > > > > > Benjamin > > > > > > > > > > > > Von meinem Huawei-Mobiltelefon gesendet > > > > > > > > > > > > -------- Originalnachricht -------- > > > > > > Betreff: Re: https Repo links don't work > > > > > > Von: Rafael Weingärtner <[email protected]> > > > > > > An: [email protected] > > > > > > Cc: > > > > > > > > > > > > Probably the let´s encrypt CA is not in your java keystore. You will > > > > > > need to add it. > > > > > > > > > > > > On 10/16/2017 1:13 PM, Benjamin Naber - NETFORMIC GmbH wrote: > > > > > > > > > > > > > Hi together, > > > > > > > > > > > > > > i have an issue deploying templates with https Repo Links. > > > > > > > > > > > > > > When i create a global template like debian stretch netinstall > > > > > > > and the > > > > > > > ISO file is located on a https backlink > > > > > > > (https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.2.1-amd64-netinst.iso) > > > > > > > <https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.2.1-amd64-netinst.iso%29>. > > > > > > > > > > > > > > the following error occours: > > > > > > > > > > > > > > sun.security.validator.ValidatorException: PKIX path building > > > > > > > failed: > > > > > > > sun.security.provider.certpath.SunCertPathBuilderException: > > > > > > > unable to > > > > > > > find valid certification path to requested target > > > > > > > > > > > > > > OS: CentOS7 > > > > > > > > > > > > > > CS Version: 4.10 from http://cloudstack.apt-get.eu/centos/7/4.10/ > > > > > > > <http://cloudstack.apt-get.eu/centos/7/4.10/> > > > > > > > > > > > > > > Did anyone managed to fix it? > > > > > > > > > > > > > > Kind Regards > > > > > > > > > > > > > > *Benjamin Naber* > > > > > > > > > > > > > > System Administrator > > > > > > > > > > > > > > Telefon: +49 (0)711 761642-445 > > > > > > > [email protected] > > > > > > > > > > > > > > <https://netformic.de/> > > > > > > > > > > > > > > *NETFORMIC GmbH* > > > > > > > HRB 720729, Amtsgericht Stuttgart > > > > > > > USt-IdNr.: DE814688053 > > > > > > > Geschäftsführer: Jens Rilling, Timo Weltner > > > > > > > > > > > > > > *Stuttgart* > > > > > > > Hermannstraße 5A, 70178 Stuttgart > > > > > > > Telefon: +49 (0)711 761642-0, Fax: -26 > > > > > > > > > > > > > > *Berlin* > > > > > > > Fanny-Zobel-Straße 11, 12435 Berlin > > > > > > > > > > > > > > Telefon: +49 (0)30 60984747-0, Fax: -9 > > > > > > > -- > > > > > > > > > > > > > > Rafael Weingärtner > > > > > > > -- > > > > > > > Rafael Weingärtner > > > > > > > > > > > > > > ___________________________________________________ > > > > > > > Benjamin Naber • Holzstraße 7 • D-73650 Winterbach > > > > > > > Mobil: +49 (0) 152.34087809 > > > > > > > E-Mail: [email protected] > > > > > > > > > > > > > > ___________________________________________________ > > > > > > > Diese E-mail einschließlich eventuell angehängter Dateien enthält > > > > > > > vertrauliche und / oder rechtlich geschützte Informationen. Wenn > > > > > > > Sie nicht der richtige Adressat sind und diese E-mail irrtümlich > > > > > > > erhalten haben, dürfen Sie weder den Inhalt dieser E-mail nutzen > > > > > > > noch dürfen Sie die eventuell angehängten Dateien öffnen und auch > > > > > > > keine Kopie fertigen oder den Inhalt weitergeben / verbreiten. > > > > > > > Bitte verständigen Sie den Absender und löschen Sie diese E-mail > > > > > > > und eventuell angehängte Dateien umgehend. > > > > -- > > Rafael Weingärtner > > > > DISCLAIMER > > ========== > > This e-mail may contain privileged and confidential information which is > > the property of Accelerite, a Persistent Systems business. It is intended > > only for the use of the individual or entity to which it is addressed. If > > you are not the intended recipient, you are not authorized to read, retain, > > copy, print, distribute or use this message. If you have received this > > communication in error, please notify the sender and delete all copies of > > this message. Accelerite, a Persistent Systems business does not accept any > > liability for virus infected mails.
