You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Wei Zhou (JIRA)" <ji...@apache.org> on 2013/07/10 12:23:54 UTC
[jira] [Closed] (CLOUDSTACK-3438) CPVM uses build-in SSL
certificate after uploadCertificate
[ https://issues.apache.org/jira/browse/CLOUDSTACK-3438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Wei Zhou closed CLOUDSTACK-3438.
--------------------------------
Resolution: Fixed
> CPVM uses build-in SSL certificate after uploadCertificate
> ----------------------------------------------------------
>
> Key: CLOUDSTACK-3438
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-3438
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Affects Versions: 4.1.0, 4.2.0
> Reporter: Wei Zhou
> Assignee: Wei Zhou
>
> It uses the build-in certificate.
> on CPVM
> 2013-07-09 14:52:59,075 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) Start initializing SSL
> 2013-07-09 14:52:59,075 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) Initializing SSL from built-in default certificate
> 2013-07-09 14:52:59,083 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) SSL certificate loaded
> 2013-07-09 14:52:59,084 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) Key manager factory is initialized
> 2013-07-09 14:52:59,085 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) Trust manager factory is initialized
> 2013-07-09 14:52:59,085 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:) SSL context is initialized
> [root@weizhou-centos cloudstack.git.committer]# openssl s_client -connect 10-11-110-211.cloud.leaseweb.net:443
> CONNECTED(00000003)
> depth=2 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority
> verify return:1
> depth=1 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certificates.godaddy.com/repository, CN = Go Daddy Secure Certification Authority, serialNumber = 07969287
> verify return:1
> depth=0 O = *.realhostip.com, OU = Domain Control Validated, CN = *.realhostip.com
> verify return:1
> ---
> Certificate chain
> 0 s:/O=*.realhostip.com/OU=Domain Control Validated/CN=*.realhostip.com
> i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
> 1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
> i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
> 2 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
> i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
> ---
> Server certificate
> -----BEGIN CERTIFICATE-----
> MIIFZTCCBE2gAwIBAgIHKBCduBUoKDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
> BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
> BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
> aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
> IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
> ODcwHhcNMTIwMjAzMDMzMDQwWhcNMTcwMjA3MDUxMTIzWjBZMRkwFwYDVQQKDBAq
> LnJlYWxob3N0aXAuY29tMSEwHwYDVQQLDBhEb21haW4gQ29udHJvbCBWYWxpZGF0
> ZWQxGTAXBgNVBAMMECoucmVhbGhvc3RpcC5jb20wggEiMA0GCSqGSIb3DQEBAQUA
> A4IBDwAwggEKAoIBAQCDT9AtEfs+s/I8QXp6rrCw0iNJ0+GgsybNHheU+JpL39LM
> TZykCrZhZnyDvwdxCoOfE38Sa32baHKNds+y2SHnMNsOkw8OcNucHEBX1FIpOBGp
> h9D6xC+umx9od6xMWETUv7j6h2u+WC3OhBM8fHCBqIiAol31/IkcqDxxsHlQ8S/o
> CfTlXJUY6Yn628OA1XijKdRnadV0hZ829cv/PZKljjwQUTyrd0KHQeksBH+YAYSo
> 2JUl8ekNLsOi8/cPtfojnltzRI1GXi0ZONs8VnDzJ0a2gqZY+uxlz+CGbLnGnlN4
> j9cBpE+MfUE+35Dq121sTpsSgF85Mz+pVhn2S633AgMBAAGjggG+MIIBujAPBgNV
> HRMBAf8EBTADAQEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNV
> HQ8BAf8EBAMCBaAwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5
> LmNvbS9nZHMxLTY0LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcBMDkwNwYI
> KwYBBQUHAgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3Np
> dG9yeS8wgYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
> Z29kYWRkeS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdv
> ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSME
> GDAWgBT9rGEyk2xF1uLuhV+auud2mWjM5zArBgNVHREEJDAighAqLnJlYWxob3N0
> aXAuY29tgg5yZWFsaG9zdGlwLmNvbTAdBgNVHQ4EFgQUZyJz9/QLy5TWIIscTXID
> E8Xk47YwDQYJKoZIhvcNAQEFBQADggEBAKiUV3KK16mP0NpS92fmQkCLqm+qUWyN
> BfBVgf9/M5pcT8EiTZlS5nAtzAE/eRpBeR3ubLlaAogj4rdH7YYVJcDDLLoB2qM3
> qeCHu8LFoblkb93UuFDWqRaVPmMlJRnhsRkL1oa2gM2hwQTkBDkP7w5FG1BELCgl
> gZI2ij2yxjge6pOEwSyZCzzbCcg9pN+dNrYyGEtB4k+BBnPA3N4r14CWbk+uxjrQ
> 6j2Ip+b7wOc5IuMEMl8xwTyjuX3lsLbAZyFI9RCyofwA9NqIZ1GeB6Zd196rubQp
> 93cmBqGGjZUs3wMrGlm7xdjlX6GQ9UvmvkMub9+lL99A5W50QgCmFeI=
> -----END CERTIFICATE-----
> subject=/O=*.realhostip.com/OU=Domain Control Validated/CN=*.realhostip.com
> issuer=/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 4376 bytes and written 270 bytes
> ---
> New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA
> Server public key is 2048 bit
> Secure Renegotiation IS supported
> Compression: NONE
> Expansion: NONE
> SSL-Session:
> Protocol : TLSv1
> Cipher : EDH-RSA-DES-CBC3-SHA
> Session-ID: 51DBB937E7BBE57C88979C07751796DD5BFEF32E1DEFD2B17315A49289493D01
> Session-ID-ctx:
> Master-Key: 84E549D2AB48AAAECC5FE6C2A35F014E0FB9758C03D9356981BC55B31A0EC9D37AA441F0D3317FE6EC3B843F95FA449F
> Key-Arg : None
> Krb5 Principal: None
> PSK identity: None
> PSK identity hint: None
> Start Time: 1373354296
> Timeout : 300 (sec)
> Verify return code: 0 (ok)
> ---
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira