GitHub user dcontiveros-nf edited a comment on the discussion: Quick question about keystore (jks) requirement
@rajujith That variable did not work for connecting to `CS Agent -> CS Management mode`. I think we need to take a step back now that I have some more information. We are trying to add nodes out of band, meaning we want to set them up in an automatic fashion with no access to GUI. This shouldn't be a problem as the docs specifically state that we would need to run some commands here(Personal opinion, I believe this needs to be rewritten so as to not conflict with the Out-Of-Band management that is brought up earlier in that doc. ): https://docs.cloudstack.apache.org/en/4.20.0.0/adminguide/hosts.html#securing-process We attempted to replicate this procedure utilizing only key-tool, but could not get this to connect. I also searched the docs for any PKI related information that would possibly point to how to properly do this, but I did not find anything. What I need now is some direction to do the following: 1. Properly setup the `JKS` stores for both manager/agent that will result in a successful connection without using scripts and either openssl or key-tool 2. Possible way to increase logging for NIO since it handles SSL handshake and is where my agent is getting killed Ideally I think it would be amazing if ACS could do: 1. Update docs with a PKI section 2. Update the docs with alternative methods to handle PKI generation 3. Diagrams (haha I know, I love a picture) I can provide any followups necessary. If I need to enter a Bug/Feature request I can also do that. Edit: I am aware I could setup a MVP, dump the keystores, and then replicate what gets actioned. However, this doesn't guarantee that the procedure will break later on on upgrades. I rather avoid going this route. GitHub link: https://github.com/apache/cloudstack/discussions/10784#discussioncomment-12994269 ---- This is an automatically sent email for users@cloudstack.apache.org. To unsubscribe, please send an email to: users-unsubscr...@cloudstack.apache.org
