Hi Rohit,
keytool -list -keystore /etc/cloudstack/management/keystore.pkcs12 (Password
same as in server.properties and works)
--------------------
Keystore type: PKCS12
Keystore provider: SUN
Your keystore contains 1 entry
1, 11 Dec 2019, PrivateKeyEntry,
Certificate fingerprint (SHA-256): xx:xx:xx:xx...etc
--------------------
Converted pkcs12 to jks via "keytool -importkeystore -srckeystore
combined.pkcs12 -destkeystore combined.jks -deststoretype jks" (I renamed the
copy of keystore.pkcs12 to "combined.pkcs12")
Choose same password, output ok
Changed server.properties to
https.keystore=/etc/cloudstack/management/combined.jks
-> Management-Server behaviour is the same
--------------------
Logs regarding keystore:
2020-06-29 12:01:02,052 INFO [o.e.j.s.h.ContextHandler] (main:null) (logid:)
Started
o.e.j.w.WebAppContext@311bf055{/client,file:///usr/share/cloudstack-management/webapp/,AVAILABLE}{/usr/share/cloudstack-management/webapp}
2020-06-29 12:01:02,053 INFO [o.e.j.s.h.ContextHandler] (main:null) (logid:)
Started o.e.j.s.h.MovedContextHandler@451001e5{/,null,AVAILABLE}
2020-06-29 12:01:02,076 INFO [o.e.j.s.AbstractConnector] (main:null) (logid:)
Started ServerConnector@6f46426d{HTTP/1.1,[http/1.1]}{0.0.0.0:8080}
2020-06-29 12:01:02,090 INFO [o.e.j.u.s.SslContextFactory] (main:null)
(logid:) x509=X509@25c6abfa(1,h=[our acual domain name],w=[our domain name
again]) for
SslContextFactory@4991c0f7[provider=null,keyStore=file:///etc/cloudstack/management/combined.jks,trustStore=null]
--------------------
Management Server is listening on 8080 and 8443, though it only says tcp6 for
some reason:
tcp6 3 0 :::8443 :::* LISTEN
tcp6 0 0 :::8080 :::* LISTEN
I removed IPv6 config from the network scripts but it remains. IPv4 on 8080 is
working anyway.
Is there anything strange here?
Regards
Vincent
