Hi Hean, Could you please check by the following steps ?
(1) check if key/certs are saved in DB. Please check the `keystore` table in DB. (2) check if global settings are set correctly. When you change the values, please restart mgmt server and CPVM. consoleproxy.sslEnabled (should be 'true') consoleproxy.url.domain (should be '*.domain.com') (3) check if port 443 is listening in CPVM. netstat -anltp In /var/log/cloud.log in CPVM, you should see the logs like below 2022-01-13 13:00:30,811 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:null) Start initializing SSL 2022-01-13 13:00:30,811 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:null) Initializing SSL from passed-in certificate 2022-01-13 13:00:30,814 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:null) Key manager factory is initialized 2022-01-13 13:00:30,818 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:null) Trust manager factory is initialized 2022-01-13 13:00:30,819 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:null) SSL context is initialized 2022-01-13 13:00:30,838 INFO [cloud.consoleproxy.ConsoleProxySecureServerFactoryImpl] (Console-Proxy-Main:null) create HTTPS server instance on port: 443 You should be able to upload an ssl certificate by cloning the cloudstack repository and setting up a local cloudstack UI. see https://github.com/apache/cloudstack/blob/main/ui/README.md#development -Wei On Mon, 10 Jan 2022 at 10:52, Hean Seng <heans...@gmail.com> wrote: > I not sure related to this or not, I ssh login to Console Proxy , and > seems port 443 is not listening there . > > Is there anyway I can can check in the console proxy, see if the cert is > properly deploy to the console proxy vm. > > On Mon, Jan 10, 2022 at 5:31 PM Suresh Anaparti < > suresh.anapa...@shapeblue.com> wrote: > > > Hi, > > > > I could see a related issue created here > > https://github.com/apache/cloudstack/issues/5634 > > > > If you have the similar issue with Letsencrypt certs, you add more > details > > there. Otherwise, please create a new issue with the details. > > > > > > Regards, > > Suresh > > > > On 08/01/22, 11:59 AM, "Hean Seng" <heans...@gmail.com> wrote: > > > > hi. Suresh > > > > I am gemnerating Letsenctyp and instll the cert using the API . > > I running.time as show in the shapeblue document. It successfully > > running > > the API > > > > > > "customcertificate": { > > > > "message": "Certificate has been successfully updated, if its the > > server certificate we would reboot all running console proxy VMs and > > secondary storage VMs to propagate the new certificate, please give a > > few > > minutes for console access and storage services service to be up and > > working again" > > > > } > > > > } > > > > > > > > running 2time, first time is chain + root > > second time is cert. perm and privatekey pkcs8 > > > > after upload, destroy and let it rebuild the console proxy , after > > all > > up, it seems https://ip-.domain in console cannot load as expected > > > > > > > > > > On Wed, Jan 5, 2022 at 8:12 PM Suresh Anaparti < > > suresh.anapa...@shapeblue.com> wrote: > > > > > Hi, > > > > > > You can check the certificate configuration process through API/cmk > > here: > > > https://www.shapeblue.com/securing-cloudstack-4-11-with-https-tls/ > > > > > > > > > Regards, > > > Suresh > > > > > > On 05/01/22, 4:55 PM, "Hean Seng" <heans...@gmail.com> wrote: > > > > > > Any body know how to use the API to upload this cert for > console > > proxy, > > > Otherwise this 4.16 is not workable . This function seems no > > > alternative to make it work > > > > > > > > > > > > > > > > > > > > > On Mon, Jan 3, 2022 at 4:08 PM Hean Seng <heans...@gmail.com> wrote: > > > > > > > Is there anyway to manual update it before 4.16.1 release , > > > otherwise the > > > > SSL cannot be install. > > > > > > > > On Mon, Jan 3, 2022 at 3:06 PM Suresh Anaparti < > > > > suresh.anapa...@shapeblue.com> wrote: > > > > > > > >> Good, thanks for the update Pearl! > > > >> > > > >> > > > >> Regards, > > > >> Suresh > > > >> > > > >> On 03/01/22, 12:31 PM, "Pearl d'Silva" < > > pearl.dsi...@shapeblue.com> > > > >> wrote: > > > >> > > > >> Hi, > > > >> > > > >> This seems to be an issue in 4.16.0 but has been > > addressed with: > > > >> https://github.com/apache/cloudstack/pull/5682/ and should > be > > > available > > > >> in 4.16.1. > > > >> > > > >> Thanks, > > > >> Pearl > > > >> > > > >> [ > > > >> > > > > > > https://opengraph.githubassets.com/a85d63087cbc026a03525dcc5d491e900913e0ad6e2b09a6dd8eb27f392c60a8/apache/cloudstack/pull/5682 > > > >> ]<https://github.com/apache/cloudstack/pull/5682/> > > > >> UI : Fix SSL certificate submit button not working by > > dhslove · > > > Pull > > > >> Request #5682 · apache/cloudstack< > > > >> https://github.com/apache/cloudstack/pull/5682/> > > > >> Description This PR fixes an issue where clicking the > > Submit > > > button > > > >> in the SSL Certificates dialog in the Infrastructure Summary > > UI did > > > not > > > >> work. Types of changes Breaking change (fix o... > > > >> github.com > > > >> > > > >> > > > >> ________________________________ > > > >> From: Deepak Kumar <deepak.ku...@indiqus.com.INVALID> > > > >> Sent: Monday, January 3, 2022 12:23 PM > > > >> To: users@cloudstack.apache.org < > > users@cloudstack.apache.org> > > > >> Subject: Re: Cloudstack 4.16 - GUI unable to submit SSL > > > >> > > > >> Hi Hean Seng, > > > >> > > > >> I am facing the same issue. > > > >> > > > >> Thanks & Regards, > > > >> Deepak Kumar > > > >> IndiQus Global Technical Support > > > >> www.indiqus.com<http://www.indiqus.com> > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> On Sun, Jan 2, 2022 at 11:55 PM Hean Seng < > heans...@gmail.com > > > > > > wrote: > > > >> > > > >> > Hi > > > >> > > > > >> > I am using Cloudstack 4.16 , Ubuntu 20 for Mgmt > server. > > > >> > > > > >> > Infrastructure ->. Summary -> SSL Certification > > > >> > > > > >> > Entering all the SSL detail, and click submit , but > the > > > click has > > > >> no > > > >> > responding . > > > >> > Clecking the MGMT log, and nothing seems processed . > > > >> > > > > >> > Tried on both Chrome, Safari and same issue . > > > >> > Tried the same SSL to Cloudstack 4.15 , and it has no > > issue > > > >> submitting the > > > >> > SSL > > > >> > > > > >> > Anybody facing the same issue ? > > > >> > > > > >> > > > > >> > -- > > > >> > Regards, > > > >> > Hean Seng > > > >> > > > > >> > > > >> -- > > > >> This message is intended only for the use of the > > individual or > > > entity > > > >> to > > > >> which it is addressed and may contain confidential > and/or > > > privileged > > > >> information. If you are not the intended recipient, > please > > > delete the > > > >> original message and any copy of it from your computer > > system. > > > You are > > > >> hereby notified that any dissemination, distribution or > > copying > > > of > > > >> this > > > >> communication is strictly prohibited unless proper > > > authorization has > > > >> been > > > >> obtained for such action. If you have received this > > > communication in > > > >> error, > > > >> please notify the sender immediately. Although IndiQus > > attempts > > > to > > > >> sweep > > > >> e-mail and attachments for viruses, it does not > guarantee > > that > > > both > > > >> are > > > >> virus-free and accepts no liability for any damage > > sustained as > > > a > > > >> result of > > > >> viruses. > > > >> > > > >> > > > > > > > > -- > > > > Regards, > > > > Hean Seng > > > > > > > > > > > > > -- > > > Regards, > > > Hean Seng > > > > > > > > > > -- > > Regards, > > Hean Seng > > > > > > -- > Regards, > Hean Seng >