Reply to Message

Reply to Message

View discussion in a popup

Replying to:
VCJohnR
1 Nickel

Re: Re: configuring a SSL Certificate for ECS Community edition

thanks for your response.

I was able to use the api as you suggest and both the update and show calls appeared to work, the example below is listing the certificate.

However when I connect using Cloudberry to a S3 endpoint I still get the "DataService" self signed certificate.

This is after both connecting before and after a restarting the docker container.

The modification date for the file /opt/storageos/conf/keystore doesn't appear to change (which doesn't worry me if that is not where they are stored); but the encoded certificate as shown below does change.

[root@ecscloud cli]# python ./build/lib/ecscli/ecscli.py keystore show -hostname ecscloud.viostream.com -port 4443 -cookiefile /tmp/cookie/rootcookie29384

/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html

  InsecureRequestWarning)

{

  "chain": "-----BEGIN CERTIFICATE-----\nMIIDATCCAemgAwIBAgIIYVjVFqUMgQAwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UE\r\nAxMLRGF0YVNlcnZpY2Uw...

...

\ntRQHQm7z85WmOlkl0TjPQj/VNmGZ6uFo/YxTZoE+62iVm1zLP9WKFfXON1XkC4Nl\r\n4LilLfE=\r\n-----END CERTIFICATE-----"

}

I ran these update on a newly installed and configured ecs cloud instance.

0 Kudos