You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Syed Ahmed <sa...@cloudops.com> on 2013/10/22 22:19:50 UTC
Review Request 14855: [Ssl Termination Support] Certificate managenemt
interface
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/14855/
-----------------------------------------------------------
Review request for cloudstack, Darren Shepherd, Murali Reddy, and Shengsheng Huang.
Bugs: CLOUDSTACK-4821
https://issues.apache.org/jira/browse/CLOUDSTACK-4821
Repository: cloudstack-git
Description
-------
This is the first patch for Ssl termination support in Cloudstack. This patch is for the certificate management. Basically uploading, validation, deletion, listing for the certificates.
The FS for this is at https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSL+Termination+Support . I will work on the second patch which will assign the certificates to loadbalancing rules.
Diffs
-----
api/src/com/cloud/network/lb/CertService.java PRE-CREATION
api/src/com/cloud/network/lb/SslCert.java PRE-CREATION
api/src/org/apache/cloudstack/api/ApiConstants.java c75e6a0
api/src/org/apache/cloudstack/api/command/user/loadbalancer/DeleteSslCertCmd.java PRE-CREATION
api/src/org/apache/cloudstack/api/command/user/loadbalancer/ListSslCertsCmd.java PRE-CREATION
api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java PRE-CREATION
api/src/org/apache/cloudstack/api/response/SslCertResponse.java PRE-CREATION
client/tomcatconf/applicationContext.xml.in 2a3520b
client/tomcatconf/nonossComponentContext.xml.in 9d1da95
engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDao.java PRE-CREATION
engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDaoImpl.java PRE-CREATION
engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java PRE-CREATION
engine/schema/src/com/cloud/network/dao/SslCertDao.java PRE-CREATION
engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java PRE-CREATION
engine/schema/src/com/cloud/network/dao/SslCertVO.java PRE-CREATION
server/src/com/cloud/server/ManagementServerImpl.java 699f469
server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java PRE-CREATION
server/test/org/apache/cloudstack/lb/ApplicationLoadBalancerTest.java 9b46e68
server/test/org/apache/cloudstack/network/lb/ApplicationLoadBalancerTest.java PRE-CREATION
server/test/org/apache/cloudstack/network/lb/CertServiceTest.java PRE-CREATION
server/test/resources/certs/bad_format_cert.crt PRE-CREATION
server/test/resources/certs/dsa_self_signed.crt PRE-CREATION
server/test/resources/certs/dsa_self_signed.key PRE-CREATION
server/test/resources/certs/expired_cert.crt PRE-CREATION
server/test/resources/certs/non_x509_pem.crt PRE-CREATION
server/test/resources/certs/root_chain.crt PRE-CREATION
server/test/resources/certs/rsa_ca_signed.crt PRE-CREATION
server/test/resources/certs/rsa_ca_signed.key PRE-CREATION
server/test/resources/certs/rsa_ca_signed2.crt PRE-CREATION
server/test/resources/certs/rsa_ca_signed2.key PRE-CREATION
server/test/resources/certs/rsa_random_pkey.key PRE-CREATION
server/test/resources/certs/rsa_self_signed.crt PRE-CREATION
server/test/resources/certs/rsa_self_signed.key PRE-CREATION
server/test/resources/certs/rsa_self_signed_with_pwd.crt PRE-CREATION
server/test/resources/certs/rsa_self_signed_with_pwd.key PRE-CREATION
setup/db/db/schema-421to430.sql aaebf96
Diff: https://reviews.apache.org/r/14855/diff/
Testing
-------
Unittests are done and included in the review.
Thanks,
Syed Ahmed
Re: Review Request 14855: [Ssl Termination Support] Certificate managenemt
interface
Posted by Syed Ahmed <sa...@cloudops.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/14855/
-----------------------------------------------------------
(Updated Oct. 23, 2013, 4:17 p.m.)
Review request for cloudstack, Darren Shepherd, Murali Reddy, and Shengsheng Huang.
Changes
-------
Fixing review comments by Darren.
Bugs: CLOUDSTACK-4821
https://issues.apache.org/jira/browse/CLOUDSTACK-4821
Repository: cloudstack-git
Description
-------
This is the first patch for Ssl termination support in Cloudstack. This patch is for the certificate management. Basically uploading, validation, deletion, listing for the certificates.
The FS for this is at https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSL+Termination+Support . I will work on the second patch which will assign the certificates to loadbalancing rules.
Diffs (updated)
-----
api/src/com/cloud/network/lb/CertService.java PRE-CREATION
api/src/com/cloud/network/lb/SslCert.java PRE-CREATION
api/src/org/apache/cloudstack/api/ApiConstants.java c75e6a0
api/src/org/apache/cloudstack/api/command/user/loadbalancer/DeleteSslCertCmd.java PRE-CREATION
api/src/org/apache/cloudstack/api/command/user/loadbalancer/ListSslCertsCmd.java PRE-CREATION
api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java PRE-CREATION
api/src/org/apache/cloudstack/api/response/SslCertResponse.java PRE-CREATION
client/tomcatconf/applicationContext.xml.in 2a3520b
client/tomcatconf/componentContext.xml.in df5b002
client/tomcatconf/nonossComponentContext.xml.in 9d1da95
engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDao.java PRE-CREATION
engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDaoImpl.java PRE-CREATION
engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java PRE-CREATION
engine/schema/src/com/cloud/network/dao/SslCertDao.java PRE-CREATION
engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java PRE-CREATION
engine/schema/src/com/cloud/network/dao/SslCertVO.java PRE-CREATION
plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java d63b14f
server/src/com/cloud/server/ManagementServerImpl.java 699f469
server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java PRE-CREATION
server/test/org/apache/cloudstack/lb/ApplicationLoadBalancerTest.java 9b46e68
server/test/org/apache/cloudstack/network/lb/ApplicationLoadBalancerTest.java PRE-CREATION
server/test/org/apache/cloudstack/network/lb/CertServiceTest.java PRE-CREATION
server/test/resources/certs/bad_format_cert.crt PRE-CREATION
server/test/resources/certs/dsa_self_signed.crt PRE-CREATION
server/test/resources/certs/dsa_self_signed.key PRE-CREATION
server/test/resources/certs/expired_cert.crt PRE-CREATION
server/test/resources/certs/non_x509_pem.crt PRE-CREATION
server/test/resources/certs/root_chain.crt PRE-CREATION
server/test/resources/certs/rsa_ca_signed.crt PRE-CREATION
server/test/resources/certs/rsa_ca_signed.key PRE-CREATION
server/test/resources/certs/rsa_ca_signed2.crt PRE-CREATION
server/test/resources/certs/rsa_ca_signed2.key PRE-CREATION
server/test/resources/certs/rsa_random_pkey.key PRE-CREATION
server/test/resources/certs/rsa_self_signed.crt PRE-CREATION
server/test/resources/certs/rsa_self_signed.key PRE-CREATION
server/test/resources/certs/rsa_self_signed_with_pwd.crt PRE-CREATION
server/test/resources/certs/rsa_self_signed_with_pwd.key PRE-CREATION
setup/db/db/schema-421to430.sql aaebf96
Diff: https://reviews.apache.org/r/14855/diff/
Testing
-------
Unittests are done and included in the review.
Thanks,
Syed Ahmed
Re: Review Request 14855: [Ssl Termination Support] Certificate managenemt
interface
Posted by Syed Ahmed <sa...@cloudops.com>.
> On Oct. 22, 2013, 9:56 p.m., Darren Shepherd wrote:
> > api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java, lines 34-35
> > <https://reviews.apache.org/r/14855/diff/1/?file=369298#file369298line34>
> >
> > I don't understand why a password is needed?
Password is needed for reading encrypted private keys.
> On Oct. 22, 2013, 9:56 p.m., Darren Shepherd wrote:
> > server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java, line 65
> > <https://reviews.apache.org/r/14855/diff/1/?file=369309#file369309line65>
> >
> > why URLDecoder.decode()?
The cert and key will be passed as url encoded. Is there a better way to do this? Does cloudstack provide some auto decode functionality?
- Syed
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/14855/#review27334
-----------------------------------------------------------
On Oct. 22, 2013, 8:19 p.m., Syed Ahmed wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/14855/
> -----------------------------------------------------------
>
> (Updated Oct. 22, 2013, 8:19 p.m.)
>
>
> Review request for cloudstack, Darren Shepherd, Murali Reddy, and Shengsheng Huang.
>
>
> Bugs: CLOUDSTACK-4821
> https://issues.apache.org/jira/browse/CLOUDSTACK-4821
>
>
> Repository: cloudstack-git
>
>
> Description
> -------
>
> This is the first patch for Ssl termination support in Cloudstack. This patch is for the certificate management. Basically uploading, validation, deletion, listing for the certificates.
>
> The FS for this is at https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSL+Termination+Support . I will work on the second patch which will assign the certificates to loadbalancing rules.
>
>
> Diffs
> -----
>
> api/src/com/cloud/network/lb/CertService.java PRE-CREATION
> api/src/com/cloud/network/lb/SslCert.java PRE-CREATION
> api/src/org/apache/cloudstack/api/ApiConstants.java c75e6a0
> api/src/org/apache/cloudstack/api/command/user/loadbalancer/DeleteSslCertCmd.java PRE-CREATION
> api/src/org/apache/cloudstack/api/command/user/loadbalancer/ListSslCertsCmd.java PRE-CREATION
> api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java PRE-CREATION
> api/src/org/apache/cloudstack/api/response/SslCertResponse.java PRE-CREATION
> client/tomcatconf/applicationContext.xml.in 2a3520b
> client/tomcatconf/nonossComponentContext.xml.in 9d1da95
> engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDao.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDaoImpl.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/SslCertDao.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/SslCertVO.java PRE-CREATION
> server/src/com/cloud/server/ManagementServerImpl.java 699f469
> server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java PRE-CREATION
> server/test/org/apache/cloudstack/lb/ApplicationLoadBalancerTest.java 9b46e68
> server/test/org/apache/cloudstack/network/lb/ApplicationLoadBalancerTest.java PRE-CREATION
> server/test/org/apache/cloudstack/network/lb/CertServiceTest.java PRE-CREATION
> server/test/resources/certs/bad_format_cert.crt PRE-CREATION
> server/test/resources/certs/dsa_self_signed.crt PRE-CREATION
> server/test/resources/certs/dsa_self_signed.key PRE-CREATION
> server/test/resources/certs/expired_cert.crt PRE-CREATION
> server/test/resources/certs/non_x509_pem.crt PRE-CREATION
> server/test/resources/certs/root_chain.crt PRE-CREATION
> server/test/resources/certs/rsa_ca_signed.crt PRE-CREATION
> server/test/resources/certs/rsa_ca_signed.key PRE-CREATION
> server/test/resources/certs/rsa_ca_signed2.crt PRE-CREATION
> server/test/resources/certs/rsa_ca_signed2.key PRE-CREATION
> server/test/resources/certs/rsa_random_pkey.key PRE-CREATION
> server/test/resources/certs/rsa_self_signed.crt PRE-CREATION
> server/test/resources/certs/rsa_self_signed.key PRE-CREATION
> server/test/resources/certs/rsa_self_signed_with_pwd.crt PRE-CREATION
> server/test/resources/certs/rsa_self_signed_with_pwd.key PRE-CREATION
> setup/db/db/schema-421to430.sql aaebf96
>
> Diff: https://reviews.apache.org/r/14855/diff/
>
>
> Testing
> -------
>
> Unittests are done and included in the review.
>
>
> Thanks,
>
> Syed Ahmed
>
>
Re: Review Request 14855: [Ssl Termination Support] Certificate managenemt
interface
Posted by Syed Ahmed <sa...@cloudops.com>.
> On Oct. 22, 2013, 9:56 p.m., Darren Shepherd wrote:
> > engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java, line 31
> > <https://reviews.apache.org/r/14855/diff/1/?file=369304#file369304line31>
> >
> > Their really should be a state field, not just a simple boolean flag for revoke. It will be easier to reliabily orchestrate if you have states. Maybe different names, but something like "Associating, Associated, Disassociating" and then the final disassociated state is when you just delete the row
Is it OK if I include this change in my other patch? That whould provide a more complete usage for the state flag.
- Syed
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/14855/#review27334
-----------------------------------------------------------
On Oct. 23, 2013, 4:17 p.m., Syed Ahmed wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/14855/
> -----------------------------------------------------------
>
> (Updated Oct. 23, 2013, 4:17 p.m.)
>
>
> Review request for cloudstack, Darren Shepherd, Murali Reddy, and Shengsheng Huang.
>
>
> Bugs: CLOUDSTACK-4821
> https://issues.apache.org/jira/browse/CLOUDSTACK-4821
>
>
> Repository: cloudstack-git
>
>
> Description
> -------
>
> This is the first patch for Ssl termination support in Cloudstack. This patch is for the certificate management. Basically uploading, validation, deletion, listing for the certificates.
>
> The FS for this is at https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSL+Termination+Support . I will work on the second patch which will assign the certificates to loadbalancing rules.
>
>
> Diffs
> -----
>
> api/src/com/cloud/network/lb/CertService.java PRE-CREATION
> api/src/com/cloud/network/lb/SslCert.java PRE-CREATION
> api/src/org/apache/cloudstack/api/ApiConstants.java c75e6a0
> api/src/org/apache/cloudstack/api/command/user/loadbalancer/DeleteSslCertCmd.java PRE-CREATION
> api/src/org/apache/cloudstack/api/command/user/loadbalancer/ListSslCertsCmd.java PRE-CREATION
> api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java PRE-CREATION
> api/src/org/apache/cloudstack/api/response/SslCertResponse.java PRE-CREATION
> client/tomcatconf/applicationContext.xml.in 2a3520b
> client/tomcatconf/componentContext.xml.in df5b002
> client/tomcatconf/nonossComponentContext.xml.in 9d1da95
> engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDao.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDaoImpl.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/SslCertDao.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/SslCertVO.java PRE-CREATION
> plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java d63b14f
> server/src/com/cloud/server/ManagementServerImpl.java 699f469
> server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java PRE-CREATION
> server/test/org/apache/cloudstack/lb/ApplicationLoadBalancerTest.java 9b46e68
> server/test/org/apache/cloudstack/network/lb/ApplicationLoadBalancerTest.java PRE-CREATION
> server/test/org/apache/cloudstack/network/lb/CertServiceTest.java PRE-CREATION
> server/test/resources/certs/bad_format_cert.crt PRE-CREATION
> server/test/resources/certs/dsa_self_signed.crt PRE-CREATION
> server/test/resources/certs/dsa_self_signed.key PRE-CREATION
> server/test/resources/certs/expired_cert.crt PRE-CREATION
> server/test/resources/certs/non_x509_pem.crt PRE-CREATION
> server/test/resources/certs/root_chain.crt PRE-CREATION
> server/test/resources/certs/rsa_ca_signed.crt PRE-CREATION
> server/test/resources/certs/rsa_ca_signed.key PRE-CREATION
> server/test/resources/certs/rsa_ca_signed2.crt PRE-CREATION
> server/test/resources/certs/rsa_ca_signed2.key PRE-CREATION
> server/test/resources/certs/rsa_random_pkey.key PRE-CREATION
> server/test/resources/certs/rsa_self_signed.crt PRE-CREATION
> server/test/resources/certs/rsa_self_signed.key PRE-CREATION
> server/test/resources/certs/rsa_self_signed_with_pwd.crt PRE-CREATION
> server/test/resources/certs/rsa_self_signed_with_pwd.key PRE-CREATION
> setup/db/db/schema-421to430.sql aaebf96
>
> Diff: https://reviews.apache.org/r/14855/diff/
>
>
> Testing
> -------
>
> Unittests are done and included in the review.
>
>
> Thanks,
>
> Syed Ahmed
>
>
Re: Review Request 14855: [Ssl Termination Support] Certificate managenemt
interface
Posted by Darren Shepherd <da...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/14855/#review27334
-----------------------------------------------------------
api/src/com/cloud/network/lb/CertService.java
<https://reviews.apache.org/r/14855/#comment53162>
Please don't throw Exception. Narrow the throws to what is really needed.
api/src/com/cloud/network/lb/CertService.java
<https://reviews.apache.org/r/14855/#comment53163>
Having a boolean return type is not needed. Just return void. If the validation fails you should just throw an exception that will have a useful error message for the user
api/src/com/cloud/network/lb/SslCert.java
<https://reviews.apache.org/r/14855/#comment53165>
Interfaces for VOs should not have setters. The interfaces are intended to be read only
api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java
<https://reviews.apache.org/r/14855/#comment53166>
I don't understand why a password is needed?
engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java
<https://reviews.apache.org/r/14855/#comment53167>
Their really should be a state field, not just a simple boolean flag for revoke. It will be easier to reliabily orchestrate if you have states. Maybe different names, but something like "Associating, Associated, Disassociating" and then the final disassociated state is when you just delete the row
engine/schema/src/com/cloud/network/dao/SslCertVO.java
<https://reviews.apache.org/r/14855/#comment53168>
AWS has the following length limits, don't know if there is reason behind them
cert = 16384
chain = 2097152
key = 16384
server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
<https://reviews.apache.org/r/14855/#comment53169>
why URLDecoder.decode()?
server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
<https://reviews.apache.org/r/14855/#comment53170>
This is a general comment. You do not need to use the transaction API unless you specifically need to do an atomic commit across multiple rows. Most of this code needs on DB transactions. In this specific case you are not committing the transaction, so I'd be suprised if it works
server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
<https://reviews.apache.org/r/14855/#comment53173>
It's extremely useful if you generate the certificate fingerprint and store that in the database and include in all responses. The fingerprint is a quick way to determine which cert something is. Here's sample code to do that.
String generateFingerPrint(Certificate cert) {
StringBuilder buffer = new StringBuilder(60);
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] data = md.digest(cert.getEncoded());
for ( int i = 0 ; i < data.length ; i++ ) {
if ( buffer.length() > 0 ) {
buffer.append(":");
}
buffer.append(HEX[(0xF0 & data[i]) >>> 4]);
buffer.append(HEX[0x0F & data[i]]);
}
return buffer.toString();
}
server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java
<https://reviews.apache.org/r/14855/#comment53171>
Throw a more approriate exception.
- Darren Shepherd
On Oct. 22, 2013, 8:19 p.m., Syed Ahmed wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/14855/
> -----------------------------------------------------------
>
> (Updated Oct. 22, 2013, 8:19 p.m.)
>
>
> Review request for cloudstack, Darren Shepherd, Murali Reddy, and Shengsheng Huang.
>
>
> Bugs: CLOUDSTACK-4821
> https://issues.apache.org/jira/browse/CLOUDSTACK-4821
>
>
> Repository: cloudstack-git
>
>
> Description
> -------
>
> This is the first patch for Ssl termination support in Cloudstack. This patch is for the certificate management. Basically uploading, validation, deletion, listing for the certificates.
>
> The FS for this is at https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSL+Termination+Support . I will work on the second patch which will assign the certificates to loadbalancing rules.
>
>
> Diffs
> -----
>
> api/src/com/cloud/network/lb/CertService.java PRE-CREATION
> api/src/com/cloud/network/lb/SslCert.java PRE-CREATION
> api/src/org/apache/cloudstack/api/ApiConstants.java c75e6a0
> api/src/org/apache/cloudstack/api/command/user/loadbalancer/DeleteSslCertCmd.java PRE-CREATION
> api/src/org/apache/cloudstack/api/command/user/loadbalancer/ListSslCertsCmd.java PRE-CREATION
> api/src/org/apache/cloudstack/api/command/user/loadbalancer/UploadSslCertCmd.java PRE-CREATION
> api/src/org/apache/cloudstack/api/response/SslCertResponse.java PRE-CREATION
> client/tomcatconf/applicationContext.xml.in 2a3520b
> client/tomcatconf/nonossComponentContext.xml.in 9d1da95
> engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDao.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapDaoImpl.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/LoadBalancerCertMapVO.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/SslCertDao.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/SslCertDaoImpl.java PRE-CREATION
> engine/schema/src/com/cloud/network/dao/SslCertVO.java PRE-CREATION
> server/src/com/cloud/server/ManagementServerImpl.java 699f469
> server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java PRE-CREATION
> server/test/org/apache/cloudstack/lb/ApplicationLoadBalancerTest.java 9b46e68
> server/test/org/apache/cloudstack/network/lb/ApplicationLoadBalancerTest.java PRE-CREATION
> server/test/org/apache/cloudstack/network/lb/CertServiceTest.java PRE-CREATION
> server/test/resources/certs/bad_format_cert.crt PRE-CREATION
> server/test/resources/certs/dsa_self_signed.crt PRE-CREATION
> server/test/resources/certs/dsa_self_signed.key PRE-CREATION
> server/test/resources/certs/expired_cert.crt PRE-CREATION
> server/test/resources/certs/non_x509_pem.crt PRE-CREATION
> server/test/resources/certs/root_chain.crt PRE-CREATION
> server/test/resources/certs/rsa_ca_signed.crt PRE-CREATION
> server/test/resources/certs/rsa_ca_signed.key PRE-CREATION
> server/test/resources/certs/rsa_ca_signed2.crt PRE-CREATION
> server/test/resources/certs/rsa_ca_signed2.key PRE-CREATION
> server/test/resources/certs/rsa_random_pkey.key PRE-CREATION
> server/test/resources/certs/rsa_self_signed.crt PRE-CREATION
> server/test/resources/certs/rsa_self_signed.key PRE-CREATION
> server/test/resources/certs/rsa_self_signed_with_pwd.crt PRE-CREATION
> server/test/resources/certs/rsa_self_signed_with_pwd.key PRE-CREATION
> setup/db/db/schema-421to430.sql aaebf96
>
> Diff: https://reviews.apache.org/r/14855/diff/
>
>
> Testing
> -------
>
> Unittests are done and included in the review.
>
>
> Thanks,
>
> Syed Ahmed
>
>