Post on user list and hope the information is helpful Kelven
On 9/21/12 10:26 AM, "Kelven Yang" <[email protected]> wrote: >Periodically we get questions asking about what realhostip DNS name is >exactly doing in CloudStack. Realhostip.com domain exists to make HTTPS >work across all CloudStack installations in different customer sites, >without administrators to worry about how to load a SSL certificate due to >deployment environment changes. > >SSL certificates are used in CloudStack system VMs to host HTTPS >connections, for example, console proxy VM and Secondary storage VM, both >uses it in its HTTP server. Realhostip.com SSL certificate is signed with >wild-match addresses, all DNS names under *.realhostip.com are qualified >to use the certificate. Because of the fact that every CloudStack customer >has its own environment, every each one has their own sets of system VMs >in their installations and each system VM instance has their own sets of >IP addresses. To use ONE certificate to apply for all these instances >among different customers, we came out with a solution by providing >dynamic DNS service hosted by CloudStack, the DDNS service basically >translates following form of DNS names to IP addresses > >xxx-xxx-xxx-xxx.realhostip.com to IP address xxx.xxx.xxx.xxx > >CloudStack has control of IP address in each installation, so whenever we >need a SSL certificate, does not matter which customer is running the >installation, with such DDNS service is available, we can always assign it >a suffix under realhostip.com domain on top of ever-changing IP addresses, >this is the trick we play to make ONE SSL certificate applicable >universally among all CloudStack installations. > >In most of these cases, the ugly formed DNS name is not visible to end >users, since its main purpose is to help establish secure communication >channel (not truly to certify a site), however, there are cases that >customer may do care, therefore, Console proxy VM does provide >customizable way for users to use their own SSL certificates > >Kelven >
