osdir.com

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Secure Live KVM VM Migration with CloudStack 4.11.1


Hi Piotr,


In the current implementation, the plugin cannot be used to act as a sub-ordinate or intermediate CA out of the box. One can write a new CA plugin. However, for the default root-ca plugin you can set your own CA keypair and certificate in cloud.configuration table (this will require encrypting the value/string and updating in the table/db), the only requirement is that the CA certificate should have the same attributes/fields as generated by CloudStack for example the certificate can be used for signing other certificates (act as a CA) etc.


- Rohit

<https://cloudstack.apache.org>



________________________________
From: Piotr Pisz <ppisz@xxxxxxxx>
Sent: Tuesday, July 17, 2018 4:11:48 PM
To: users@xxxxxxxxxxxxxxxxxxxxx
Subject: RE: Secure Live KVM VM Migration with CloudStack 4.11.1

Hi Steve,

Is there any chance that the inbuilt certicate authority would act as a subordinate ca (not root ca)?

Regards,
Piotr



rohit.yadav@xxxxxxxxxxxxx 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue
  
 


-----Original Message-----
From: Steve Roles <steve.roles@xxxxxxxxxxxxx>
Sent: Monday, July 16, 2018 4:38 PM
To: 'dev' <dev@xxxxxxxxxxxxxxxxxxxxx>; users@xxxxxxxxxxxxxxxxxxxxx
Subject: Secure Live KVM VM Migration with CloudStack 4.11.1

Hi all - if you're interested in the topic, Rohit has written a blog about it here: https://www.shapeblue.com/secure-live-kvm-vm-migration-with-cloudstack-4-11-1/

Best regards,


steve.roles@xxxxxxxxxxxxx
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London  WC2N 4HSUK @shapeblue