rhtyd commented on issue #2541: Add "Lets Encrypt CA" Certpath to SSVM Keystore 
(for cdimage.debian.org)
URL: https://github.com/apache/cloudstack/issues/2541#issuecomment-379474873
   This is more of a debian issue than CloudStack issue, example:
   On my testing, I found that debian ca-certificates is OK. Curling a 
letsencrypt https endpoint works but the java based agents fails for the same 
https URL with:
   sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
valid certification path to requested target
   We'll refresh a new systemvmtemplate as part of release (that will 
be compatible with as well) to include update ca-certificates 
packages. In addition, what we can do is to manually install/setup letsencrypt 
ca certs in the systemvmtemplate from https://letsencrypt.org/certificates/

This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:

With regards,
Apache Git Services

Reply via email to