You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cloudstack.apache.org by "SuichII, Christopher" <Ch...@netapp.com> on 2014/02/27 20:49:03 UTC

Unable to inject keystore on Mac OS

I tried searching for this issue and see that it has come up several times, but I cannot seem to find a resolution. When deploying devcloud on my Mac, I run in to this exception:

INFO  [c.c.s.ConfigurationServerImpl] (main:null) Processing updateSSLKeyStore
INFO  [c.c.s.ConfigurationServerImpl] (main:null) SSL keystore located at /Users/csuich/CloudStack/cloudstack/client/target/generated-webapp/WEB-INF/classes/cloud.keystore
Password:WARN  [c.c.u.s.Script] (Script-1:null) Interrupting script.
WARN  [c.c.u.s.Script] (main:null) Timed out: sudo keytool -genkey -keystore /Users/csuich/CloudStack/cloudstack/client/target/generated-webapp/WEB-INF/classes/cloud.keystore -storepass vmops.com -keypass vmops.com -keyalg RSA -validity 3650 -dname cn="Cloudstack User",ou="hq.netapp.com",o="hq.netapp.com",c="Unknown" .  Output is: 
WARN  [c.c.s.ConfigurationServerImpl] (main:null) Would use fail-safe keystore to continue.
java.io.IOException: Fail to generate certificate!: timeout
	at com.cloud.server.ConfigurationServerImpl.generateDefaultKeystore(ConfigurationServerImpl.java:595)
	at com.cloud.server.ConfigurationServerImpl.updateSSLKeystore(ConfigurationServerImpl.java:623)
	at com.cloud.server.ConfigurationServerImpl.persistDefaultValues(ConfigurationServerImpl.java:299)
	at com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerImpl.java:164)
	at org.apache.cloudstack.spring.lifecycle.CloudStackExtendedLifeCycle$3.with(CloudStackExtendedLifeCycle.java:114)


Has anybody ever been able to solve this problem while running on Mac OS?

-Chris
 -- 
Chris Suich
chris.suich@netapp.com
NetApp Software Engineer
Data Center Platforms – Cloud Solutions
Citrix, Cisco & Red Hat

Re: Unable to inject keystore on Mac OS

Posted by "SuichII, Christopher" <Ch...@netapp.com>.

Pre-generating it seemed to do the trick. I guess I was just confused because I was never prompted for the sudo password when running on CentOS.

Thanks!

-- 
Chris Suich
chris.suich@netapp.com
NetApp Software Engineer
Data Center Platforms – Cloud Solutions
Citrix, Cisco & Red Hat

On Feb 27, 2014, at 2:54 PM, Ian Duffy <ia...@ianduffy.ie> wrote:

> Hi Chris,
> 
> I'm running on OSX too. I do not have this issue, however I do get prompted
> for my sudo password the odd time for my when when bringing up the jetty
> server.
> 
> Have you been prompted for your password? or does it just hang on executing
> the keytool command?
> 
> If you try creating the certificate before launching the jetty-server it
> may work as a workaround:
> 
> sudo keytool -genkey -keystore /Users/csuich/CloudStack/
> cloudstack/client/target/generated-webapp/WEB-INF/classes/cloud.keystore
> -storepass vmops.com -keypass vmops.com -keyalg RSA -validity 3650 -dname
> cn="Cloudstack
> 
> Alternatively, modify your sudoers file so your user isn't prompted for a
> password when attempting to use sudo.
> 
> Hope this helps!
> Ian
> 
> 
> On 27 February 2014 19:49, SuichII, Christopher <Ch...@netapp.com>wrote:
> 
>> I tried searching for this issue and see that it has come up several
>> times, but I cannot seem to find a resolution. When deploying devcloud on
>> my Mac, I run in to this exception:
>> 
>> INFO  [c.c.s.ConfigurationServerImpl] (main:null) Processing
>> updateSSLKeyStore
>> INFO  [c.c.s.ConfigurationServerImpl] (main:null) SSL keystore located at
>> /Users/csuich/CloudStack/cloudstack/client/target/generated-webapp/WEB-INF/classes/cloud.keystore
>> Password:WARN  [c.c.u.s.Script] (Script-1:null) Interrupting script.
>> WARN  [c.c.u.s.Script] (main:null) Timed out: sudo keytool -genkey
>> -keystore
>> /Users/csuich/CloudStack/cloudstack/client/target/generated-webapp/WEB-INF/classes/cloud.keystore
>> -storepass vmops.com -keypass vmops.com -keyalg RSA -validity 3650 -dname
>> cn="Cloudstack User",ou="hq.netapp.com",o="hq.netapp.com",c="Unknown" .
>> Output is:
>> WARN  [c.c.s.ConfigurationServerImpl] (main:null) Would use fail-safe
>> keystore to continue.
>> java.io.IOException: Fail to generate certificate!: timeout
>>        at
>> com.cloud.server.ConfigurationServerImpl.generateDefaultKeystore(ConfigurationServerImpl.java:595)
>>        at
>> com.cloud.server.ConfigurationServerImpl.updateSSLKeystore(ConfigurationServerImpl.java:623)
>>        at
>> com.cloud.server.ConfigurationServerImpl.persistDefaultValues(ConfigurationServerImpl.java:299)
>>        at
>> com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerImpl.java:164)
>>        at
>> org.apache.cloudstack.spring.lifecycle.CloudStackExtendedLifeCycle$3.with(CloudStackExtendedLifeCycle.java:114)
>> 
>> 
>> Has anybody ever been able to solve this problem while running on Mac OS?
>> 
>> -Chris
>> --
>> Chris Suich
>> chris.suich@netapp.com
>> NetApp Software Engineer
>> Data Center Platforms – Cloud Solutions
>> Citrix, Cisco & Red Hat
>> 
>>

Re: Unable to inject keystore on Mac OS

Posted by Ian Duffy <ia...@ianduffy.ie>.

Hi Chris,

I'm running on OSX too. I do not have this issue, however I do get prompted
for my sudo password the odd time for my when when bringing up the jetty
server.

Have you been prompted for your password? or does it just hang on executing
the keytool command?

If you try creating the certificate before launching the jetty-server it
may work as a workaround:

sudo keytool -genkey -keystore /Users/csuich/CloudStack/
cloudstack/client/target/generated-webapp/WEB-INF/classes/cloud.keystore
-storepass vmops.com -keypass vmops.com -keyalg RSA -validity 3650 -dname
cn="Cloudstack

Alternatively, modify your sudoers file so your user isn't prompted for a
password when attempting to use sudo.

Hope this helps!
Ian


On 27 February 2014 19:49, SuichII, Christopher <Ch...@netapp.com>wrote:

> I tried searching for this issue and see that it has come up several
> times, but I cannot seem to find a resolution. When deploying devcloud on
> my Mac, I run in to this exception:
>
> INFO  [c.c.s.ConfigurationServerImpl] (main:null) Processing
> updateSSLKeyStore
> INFO  [c.c.s.ConfigurationServerImpl] (main:null) SSL keystore located at
> /Users/csuich/CloudStack/cloudstack/client/target/generated-webapp/WEB-INF/classes/cloud.keystore
> Password:WARN  [c.c.u.s.Script] (Script-1:null) Interrupting script.
> WARN  [c.c.u.s.Script] (main:null) Timed out: sudo keytool -genkey
> -keystore
> /Users/csuich/CloudStack/cloudstack/client/target/generated-webapp/WEB-INF/classes/cloud.keystore
> -storepass vmops.com -keypass vmops.com -keyalg RSA -validity 3650 -dname
> cn="Cloudstack User",ou="hq.netapp.com",o="hq.netapp.com",c="Unknown" .
>  Output is:
> WARN  [c.c.s.ConfigurationServerImpl] (main:null) Would use fail-safe
> keystore to continue.
> java.io.IOException: Fail to generate certificate!: timeout
>         at
> com.cloud.server.ConfigurationServerImpl.generateDefaultKeystore(ConfigurationServerImpl.java:595)
>         at
> com.cloud.server.ConfigurationServerImpl.updateSSLKeystore(ConfigurationServerImpl.java:623)
>         at
> com.cloud.server.ConfigurationServerImpl.persistDefaultValues(ConfigurationServerImpl.java:299)
>         at
> com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerImpl.java:164)
>         at
> org.apache.cloudstack.spring.lifecycle.CloudStackExtendedLifeCycle$3.with(CloudStackExtendedLifeCycle.java:114)
>
>
> Has anybody ever been able to solve this problem while running on Mac OS?
>
> -Chris
>  --
> Chris Suich
> chris.suich@netapp.com
> NetApp Software Engineer
> Data Center Platforms – Cloud Solutions
> Citrix, Cisco & Red Hat
>
>

Re: Unable to inject keystore on Mac OS

Posted by ilya musayev <il...@gmail.com>.

Hi Chris

I don't run ACS on OSX, but i can think of a quick / temp fix, which you
probably thought of as well.

Give the tomcat (or whatever user ACS uses)  nopasswd to access only 1
command for keytool.

Regards
ilya

On Thursday, February 27, 2014, SuichII, Christopher <Ch...@netapp.com>
wrote:
> I tried searching for this issue and see that it has come up several
times, but I cannot seem to find a resolution. When deploying devcloud on
my Mac, I run in to this exception:
>
> INFO  [c.c.s.ConfigurationServerImpl] (main:null) Processing
updateSSLKeyStore
> INFO  [c.c.s.ConfigurationServerImpl] (main:null) SSL keystore located at
/Users/csuich/CloudStack/cloudstack/client/target/generated-webapp/WEB-INF/classes/cloud.keystore
> Password:WARN  [c.c.u.s.Script] (Script-1:null) Interrupting script.
> WARN  [c.c.u.s.Script] (main:null) Timed out: sudo keytool -genkey
-keystore
/Users/csuich/CloudStack/cloudstack/client/target/generated-webapp/WEB-INF/classes/cloud.keystore
-storepass vmops.com -keypass vmops.com -keyalg RSA -validity 3650 -dname
cn="Cloudstack User",ou="hq.netapp.com",o="hq.netapp.com",c="Unknown" .
 Output is:
> WARN  [c.c.s.ConfigurationServerImpl] (main:null) Would use fail-safe
keystore to continue.
> java.io.IOException: Fail to generate certificate!: timeout
>         at
com.cloud.server.ConfigurationServerImpl.generateDefaultKeystore(ConfigurationServerImpl.java:595)
>         at
com.cloud.server.ConfigurationServerImpl.updateSSLKeystore(ConfigurationServerImpl.java:623)
>         at
com.cloud.server.ConfigurationServerImpl.persistDefaultValues(ConfigurationServerImpl.java:299)
>         at
com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerImpl.java:164)
>         at
org.apache.cloudstack.spring.lifecycle.CloudStackExtendedLifeCycle$3.with(CloudStackExtendedLifeCycle.java:114)
>
>
> Has anybody ever been able to solve this problem while running on Mac OS?
>
> -Chris
>  --
> Chris Suich
> chris.suich@netapp.com
> NetApp Software Engineer
> Data Center Platforms - Cloud Solutions
> Citrix, Cisco & Red Hat
>
>