You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2018/04/07 19:53:18 UTC

[GitHub] rhtyd commented on issue #2551: agent: import letsencrypt X3 cross signed certificate to ssvm agent keystore

rhtyd commented on issue #2551: agent: import letsencrypt X3 cross signed certificate to ssvm agent keystore
URL: https://github.com/apache/cloudstack/pull/2551#issuecomment-379494931
 
 
   Yes, you're right @rafaelweingartner it's not difficult to rename the keystore at all. In fact, I'm even considering, to get rid of this keystore file or symlink to the default system one (at /etc/ssl/certs/java/cacert, with password: `changeit`). The issue I found was that even when I updated the system `cacert` the agent failed to load that, since the old keystore file is used by default. Doing so may require some testing around using custom SSL certs for both SSVM and CPVM. Keeping a separate ca-cert file for cloudstack will cause a pain, when another provider's cert/chain are missing.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services