Community
 
Other links
 
  1. Persistent Support
  2. Communauté
  3. CloudPlatform 3.x
 

CloudPlatform 3.x

Nouvelle publication    New comment
343 abonnés
 
Avatar
Pankaj Paliwal

Console Proxy SSL certificate change fails

Avatar

Console Proxy SSL certificate change fails

I'm trying to change the SSL certificate of the console proxy following the information from the Administrator Guide for CloudPlatform 3.0.6. I've generated the 2048 bit CSR and the key, bought the SSL certificate, converted the key to PKS8 format, however, when I'm trying to update the SSL certificate in the GUI I'm getting this error (I removed in this message most of the content between BEGIN and END):

Failed to update SSL Certificate. Received value -----BEGIN CERTIFICATE----- MIIFVD.........MdegH7 -----END CERTIFICATE----- for parameter certificate is invalid, contains illegal ASCII non-printable characters

management-server.log doesn't show any specific error while I'm trying the above.

Any idea about what I'm doing wrong?

Thanks,

Daniel


Terry Whiffing MEMBERS
5 commentaires
0

Vous devez vous connecter pour laisser un commentaire.

 
 

Previous 5 commentaires

Date Votes
Avatar
Gert Jensen

Hello,

Did you figure this out, i have the same problem..

\\Gert


0
Actions pour les commentaires Permalien
Avatar
Pankaj Paliwal
Avatar

No, still waiting for Citrix support or someone here to come up with a hint.


Terry Whiffing MEMBERS
0
Actions pour les commentaires Permalien
Avatar
Pankaj Paliwal
Avatar

Trying to find some meaningful logs I reached the SSL logs in Apache - we're using Apache in front of CloudPlatform to get rid of the ":8080/client" thing. And there I've seen the API uploadCustomCertificate call executed while I was trying to upgrade the SSL certificate. In this call the new line (NL) and carriage return (CR) characters are passed as %0A%0D. I think these are the characters that CloudStack GUI refers to as illegal non-printable ASCII characters. So I removed these characters from the certificate and key and tried again but I've got the same error. I checked the SSL log and I noticed that some characters like "/" were passed through the API using their hexa code like %2F. So I went to the command line and crafted an URL keeping the ASCII representation of the certificate and key, URL that I tried to pass to the API using curl command. Now I'm getting:
"Not a valid protocol version:..." followed by the certificate and key. Better than before but still not fixed.

At this point I'm kind of lost...


Terry Whiffing MEMBERS
0
Actions pour les commentaires Permalien
Avatar
Pankaj Paliwal
Avatar

Think you are on the right track... I would run dos2unix on the certificate file to be sure...

When you are making the curl call, assuming directly to the API, are you including your key and command signature? Look at the API guide on how to do this properly.

--Mike


Mike Little MEMBERS
0
Actions pour les commentaires Permalien
Avatar
Pankaj Paliwal
Avatar

There is a known issue with uploading custom certificate in CloudPlatform 3.0.6 release. The bug is scheduled to be fixed in 3.0.7 patch B which should be available in last week of July.


Prashanth Reddy Mandadi CITRIX EMPLOYEES
0
Actions pour les commentaires Permalien

Participate

Ask, Discuss, Answer


Ask a Question
Getting Started
Discuss the Accelerite Support Portal

Top Contributors