You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Wei Zhou (JIRA)" <ji...@apache.org> on 2013/12/05 21:13:36 UTC
[jira] [Resolved] (CLOUDSTACK-5386) Secondary Storage does not
accept SSL certs/domain other than from "realhostip.com"
[ https://issues.apache.org/jira/browse/CLOUDSTACK-5386?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Wei Zhou resolved CLOUDSTACK-5386.
----------------------------------
Resolution: Fixed
Assignee: Wei Zhou
DownloadManagerImpl makes no effect in cloudstack 4.2, as the storage framework changed by Edison su.
I have committed a patch for this issue.
https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=commit;h=9be402cb0693d8aeb779aa7f5ccbe7070c2f03de
> Secondary Storage does not accept SSL certs/domain other than from "realhostip.com"
> -----------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-5386
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5386
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Storage Controller
> Affects Versions: 4.2.0
> Reporter: Demetrius Tsitrelis
> Assignee: Wei Zhou
>
> The "sec.storage.ssl.cert.domain" should allow for certificates other than realhostip.com to be used. One use case would be for using a self-signed certificate for S3 storage.
> DownloadManageerImpl.configure() contains the following code:
> @Override
> public boolean configure(String name, Map<String, Object> params) {
> final Map<String, String> configs = _configDao.getConfiguration("ManagementServer", params);
> _sslCopy = Boolean.parseBoolean(configs.get("secstorage.encrypt.copy"));
> _proxy = configs.get(Config.SecStorageProxy.key());
> String cert = configs.get("secstorage.ssl.cert.domain");
> if (!"realhostip.com".equalsIgnoreCase(cert)) {
> s_logger.warn("Only realhostip.com ssl cert is supported, ignoring self-signed and other certs");
> }
--
This message was sent by Atlassian JIRA
(v6.1#6144)