Hi Sudhansu, ty for Bug Reporting. You know by which script the realhostip.keystore will be overwriten ?
I cant find the path or file in the basic systemvm template. Kind regards benjamin > Sudhansu Sahu <[email protected]> hat am 17. Oktober 2017 um 10:51 > geschrieben: > > I have created below defect for this. > https://issues.apache.org/jira/browse/CLOUDSTACK-10112 > > Sent from my iPhone > > On 17-Oct-2017, at 1:56 PM, Benjamin Naber > <[email protected]<mailto:[email protected]>> wrote: > > Hi Sudhansu, > > that fix worked for me. thanks for your help. > > Kind regards > > Benjamin > Sudhansu Sahu > <[email protected]<mailto:[email protected]>> hat am > 17. Oktober 2017 um 10:03 geschrieben: > > For realhostip.keystore the password is ‘vmops.com<http://vmops.com>’. and > for java keystore the password is ‘changeit’. > > Thanks > Sudhansu Sahu > > On 10/17/17, 1:29 PM, "Benjamin Naber" > <[email protected]<mailto:[email protected]>> wrote: > > Hi Sudhansu, > > ty for the tip ! do you know the default password for the keystore on the > secondary storage vm ? > > Kind regards > > Benjamin > > Sudhansu Sahu > <[email protected]<mailto:[email protected]>> hat am > 17. Oktober 2017 um 06:25 geschrieben: > > In SSVM default java keystore is overriden by "realhostip.keystore" and does > not have necessary certificates. > > Import all java cacerts to > ‘/usr/local/cloud/systemvm/certs/realhostip.keystore’. > > keytool -importkeystore –srckeystore -destkeystore > /usr/local/cloud/systemvm/certs/realhostip.keystore > > Thanks > Sudhansu Sahu > > On 10/16/17, 9:25 PM, "Rafael Weingärtner" > <[email protected]<mailto:[email protected]>> wrote: > > Well, if everything is there, then you should not see this error of > unable to build the certification path. > > Then, it would be a good idea to check which cacerts Java is using. > > On 10/16/2017 1:54 PM, Benjamin Naber wrote: > > Hi Rafael, > > i exported the Keystore to textfile and checked fingerprints. > > root CAs also in the Keystore. > > Kind Regards > > Benjamin > > Rafael Weingärtner > <[email protected]<mailto:[email protected]>> hat am 16. > Oktober 2017 um 17:45 geschrieben: > > How did you check the certificates? Did you list and checked by name? Or > by fingerprint? > > Also, did you check if the root CA was there as well? For instance, the > Let's encrypt root CA is "DST Root CA X3" (the CA that signs let's > encrypt CA's certificate) > > On 10/16/2017 1:42 PM, Benjamin Naber wrote: > > Hi Rafael, > > ive allready checked the Java Keystore. All Certificates are included. > > Im using ACS 4.10 > > Kind Regards > > Benjamin > > Benjamin Naber > <[email protected]<mailto:[email protected]>> hat am > 16. Oktober 2017 um 17:26 geschrieben: > > Hi Rafael, > > Currently no ssl Backlund works. Also COMODO Certificates don't work. > > Kind Regards > > Benjamin > > Von meinem Huawei-Mobiltelefon gesendet > > -------- Originalnachricht -------- > Betreff: Re: https Repo links don't work > Von: Rafael Weingärtner > <[email protected]<mailto:[email protected]>> > An: [email protected]<mailto:[email protected]> > Cc: > > Probably the let´s encrypt CA is not in your java keystore. You will > need to add it. > > On 10/16/2017 1:13 PM, Benjamin Naber - NETFORMIC GmbH wrote: > > Hi together, > > i have an issue deploying templates with https Repo Links. > > When i create a global template like debian stretch netinstall and the > ISO file is located on a https backlink > (https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.2.1-amd64-netinst.iso) > <https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.2.1-amd64-netinst.iso%29>. > > the following error occours: > > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target > > OS: CentOS7 > > CS Version: 4.10 from http://cloudstack.apt-get.eu/centos/7/4.10/ > <http://cloudstack.apt-get.eu/centos/7/4.10/> > > Did anyone managed to fix it? > > Kind Regards > > *Benjamin Naber* > > System Administrator > > Telefon: +49 (0)711 761642-445 > [email protected]<mailto:[email protected]> > > <https://netformic.de/> > > *NETFORMIC GmbH* > HRB 720729, Amtsgericht Stuttgart > USt-IdNr.: DE814688053 > Geschäftsführer: Jens Rilling, Timo Weltner > > *Stuttgart* > Hermannstraße 5A, 70178 Stuttgart > Telefon: +49 (0)711 761642-0, Fax: -26 > > *Berlin* > Fanny-Zobel-Straße 11, 12435 Berlin > > Telefon: +49 (0)30 60984747-0, Fax: -9 > -- > > Rafael Weingärtner > -- > Rafael Weingärtner > > ___________________________________________________ > Benjamin Naber • Holzstraße 7 • D-73650 Winterbach > Mobil: +49 (0) 152.34087809 > E-Mail: [email protected]<mailto:[email protected]> > > ___________________________________________________ > Diese E-mail einschließlich eventuell angehängter Dateien enthält > vertrauliche und / oder rechtlich geschützte Informationen. Wenn Sie nicht > der richtige Adressat sind und diese E-mail irrtümlich erhalten haben, dürfen > Sie weder den Inhalt dieser E-mail nutzen noch dürfen Sie die eventuell > angehängten Dateien öffnen und auch keine Kopie fertigen oder den Inhalt > weitergeben / verbreiten. Bitte verständigen Sie den Absender und löschen Sie > diese E-mail und eventuell angehängte Dateien umgehend. > > -- > Rafael Weingärtner > > DISCLAIMER > ========== > This e-mail may contain privileged and confidential information which is the > property of Accelerite, a Persistent Systems business. It is intended only > for the use of the individual or entity to which it is addressed. If you are > not the intended recipient, you are not authorized to read, retain, copy, > print, distribute or use this message. If you have received this > communication in error, please notify the sender and delete all copies of > this message. Accelerite, a Persistent Systems business does not accept any > liability for virus infected mails.
