[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Direct templates/volumes upload don't work in real world


Thanks, Rajani. I'll try to test those vars. Just to sum up:

* secstorage.ssl.cert.domain
* SSL certificate used to encrypt copy traffic between zones

not very obvious and useful description for someone who tries to figure out
the problem.

2018-08-23 13:37 GMT+07:00 Rajani Karuturi <rajani@xxxxxxxxxx>:

> Check the values of secstorage.encrypt.copy, secstorsge.ssl.cert.domain
>
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/
> Procedure+to+Replace+realhostip.com+with+Your+Own+Domain+Name
> has more info
>
> ~Rajani
>
> Sent from phone.
>
> On Thu, 23 Aug 2018, 11:57 am Ivan Kudryavtsev, <kudryavtsev_ia@xxxxxxxxx>
> wrote:
>
> > Yes, but API returns https://<ip>/<hash>, not
> > https://1-2-3-4.dns.zone/hash.
> > That is what I'm talking about, at least it works for my 4.11.1
> deployment,
> > while CPVM works just fine with https://1-2-3-4.dns.zone/
> >
> > 2018-08-23 13:24 GMT+07:00 Rajani Karuturi <rajani@xxxxxxxxxx>:
> >
> > > The same CPVM type URL also works for SSVM. You could also add Https
> > > exception in browser to test it out.
> > >
> > > Check FS at
> > >
> > https://cwiki.apache.org/confluence/pages/viewpage.
> action?pageId=39620237
> > > for more details.
> > >
> > > ~Rajani
> > >
> > > Sent from phone.
> > >
> > > On Thu, 23 Aug 2018, 10:25 am Ivan Kudryavtsev, <
> > kudryavtsev_ia@xxxxxxxxx>
> > > wrote:
> > >
> > > > Hello, devs.
> > > >
> > > > Today I investigated how ACS handles file uploads. I thought there
> is a
> > > > Jetty-based implementation, but it looks like they are managed thru
> > SSVM
> > > by
> > > > requesting unique upload URL and so on and so forth.
> > > >
> > > > By design, it's good, despite that the URL which returned by an API
> > > > includes https://IP/<token> schema, where SSL is related to *.
> > realip.com
> > > > and as a result, nothing really works in a browser without playing
> with
> > > > certs.
> > > >
> > > > I know that CPVM uses 1-2-3-4.domain.com URL and works great with
> > > > real-life
> > > > SSLs, no idea why SSVM doesn't act the same way.
> > > >
> > > > Personally, I don't use direct uploading, but you know the users.
> They
> > > find
> > > > it very attractive and easy rather than managing thru external
> > HTTP/HTTPS
> > > > servers.
> > > >
> > > > So, basically, the feature doesn't work for real-life deployments.
> > > >
> > > > --
> > > > With best regards, Ivan Kudryavtsev
> > > > Bitworks LLC
> > > > Cell: +7-923-414-1515
> > > > WWW: http://bitworks.software/ <http://bw-sw.com/>
> > > >
> > >
> >
> >
> >
> > --
> > With best regards, Ivan Kudryavtsev
> > Bitworks LLC
> > Cell: +7-923-414-1515
> > WWW: http://bitworks.software/ <http://bw-sw.com/>
> >
>



-- 
With best regards, Ivan Kudryavtsev
Bitworks LLC
Cell: +7-923-414-1515
WWW: http://bitworks.software/ <http://bw-sw.com/>