We had the similar issue when downloaded the template/iso from fedorapeople.org. The issue was fixed in our internal version.
If you are interested, please create a jira ticket, I will upload it in github. -Wei 2016-03-16 16:06 GMT+01:00 Stephan Seitz <s.se...@secretresearchfacility.com >: > Sadhu, > > thank you for your feedback. unfortunately, my problem is not using own > certificates on the SSVM/CPVM. This is already done. > > We're missing some newer Root-CA certificates in the keystore, so > therefor some https-download-URL are not working since SSVM doesn't know > about that (even valid) root-CA. > > My question is, how to I add root-CA to the keystore (say, an equivalent > to the system-wide "aptitude upgrade ca-certificates"). > > I think, I could also file a jira ticket but I want to understand the > mechanisms in prior. > > Right now, we encounter Problems with D/L URL secured by LetsEncrypt and > some Comodo RSA Roots with SHA256 Intermediates. > > I already fixed that by adding the respective certificates to the > keystore, but I assume it's better to get that persistent :) > > Oh, and we're running 4.7 w/ 4.6 SSVM/CPVM-template. > > cheers, > > - Stephan > > Am Mittwoch, den 16.03.2016, 09:22 +0000 schrieb Suresh Sadhu: > > Please check this link: > > > http://sadhusuresh.blogspot.in/2015/01/t-hings-you-should-consider-while.html > > > > > > your uploaded certis loaded in the database in keystore table, after > upload ssl successful it recreate ssvm/cpvm with new key . > > > > regards > > sadhu > > > > > > -----Original Message----- > > From: Stephan Seitz [mailto:s.se...@secretresearchfacility.com] > > Sent: Wednesday, March 16, 2016 2:13 PM > > To: dev@cloudstack.apache.org > > Subject: ./certs/realhostip.keystore in SSVN > > > > Hey devs! > > > > I just added some recent root-CA certificates to running SSVM instances. > > I'ld like to persist this by updating the realhostip.keystore, and can't > locate that keystore file inside the template.vhd. > > Even after searching the git repo, I don't know where this file is > deployed from. > > > > Could someone please shed some light where to find that keystore source? > > > > Thanks in advance! > > > > cheers, > > > > - Stephan > > > > > > > > > > DISCLAIMER > > ========== > > This e-mail may contain privileged and confidential information which is > the property of Accelerite, a Persistent Systems business. It is intended > only for the use of the individual or entity to which it is addressed. If > you are not the intended recipient, you are not authorized to read, retain, > copy, print, distribute or use this message. If you have received this > communication in error, please notify the sender and delete all copies of > this message. Accelerite, a Persistent Systems business does not accept any > liability for virus infected mails. > > >
