AeroGear Push
  1. AeroGear Push
  2. AGPUSH-287

Undo OpenShift SSL Certificate workaround

    Details

    • Bugzilla Update:
      Perform
    • Similar Issues:
      Show 10 results 

      Description

      In AGPUSH-224 we added a workaround for an OpenShift ssl cert issue.

      Once that is fixed, we need to remove the code we added for that JIRA

        Issue Links

          Activity

          Hide
          RH Bugzilla Integration
          added a comment -

          Meng Bo <bmeng@redhat.com> made a comment on bug 997108

          Checked on latest INT(devenv_3680), the 8443 port can be connected via ssl client.

          And according the commnet#10, the CA and SSL are the same on INT, And it will be different on PROD.

          Move the bug to verified.

          Show
          RH Bugzilla Integration
          added a comment - Meng Bo <bmeng@redhat.com> made a comment on bug 997108 Checked on latest INT(devenv_3680), the 8443 port can be connected via ssl client. And according the commnet#10, the CA and SSL are the same on INT, And it will be different on PROD. Move the bug to verified.
          Hide
          RH Bugzilla Integration
          added a comment -

          Meng Bo <bmeng@redhat.com> changed the Status of bug 997108 from ON_QA to VERIFIED

          Show
          RH Bugzilla Integration
          added a comment - Meng Bo <bmeng@redhat.com> changed the Status of bug 997108 from ON_QA to VERIFIED
          Hide
          RH Bugzilla Integration
          added a comment -

          Dan McPherson <dmcphers@redhat.com> changed the Status of bug 997108 from VERIFIED to CLOSED

          Show
          RH Bugzilla Integration
          added a comment - Dan McPherson <dmcphers@redhat.com> changed the Status of bug 997108 from VERIFIED to CLOSED
          Hide
          RH Bugzilla Integration
          added a comment -

          matzew@redhat.com made a comment on bug 997108

          This issue seems still be open:

          openssl s_client -connect delete-pushee.rhcloud.com:8443

          ==>> Only one cert in the "Certificate chain" (the self-signed cert)

          Testing against the 'standard' port:
          openssl s_client -connect delete-pushee.rhcloud.com:443

          Two certs (as expected) certs in the chain....

          Show
          RH Bugzilla Integration
          added a comment - matzew@redhat.com made a comment on bug 997108 This issue seems still be open: openssl s_client -connect delete-pushee.rhcloud.com:8443 ==>> Only one cert in the "Certificate chain" (the self-signed cert) Testing against the 'standard' port: openssl s_client -connect delete-pushee.rhcloud.com:443 Two certs (as expected) certs in the chain....
          Hide
          RH Bugzilla Integration
          added a comment -

          matzew@redhat.com made a comment on bug 997108

          Running 'openssl s_client -connect delete-pushee.rhcloud.com:8443'

          I am getting this:

          Certificate chain
          0 s:/serialNumber=LnhzJHxcX0bIdlH2ITnDgaewey8ce5g3/C=US/ST=North Carolina/L=Raleigh/O=Red Hat Inc/OU=RHC Cloud Opoerations/CN=*.rhcloud.com
          i:/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA

          Server certificate
          ----BEGIN CERTIFICATE----
          MIIFFzCCA/+gAwIBAgIDAf0eMA0GCSqGSIb3DQEBBQUAMEAxCzAJBgNVBAYTAlVT
          MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEYMBYGA1UEAxMPR2VvVHJ1c3QgU1NM
          IENBMB4XDTEzMDIwMjE5MTUzN1oXDTE1MDUwODAxNDkxM1owgbExKTAnBgNVBAUT
          IExuaHpKSHhjWDBiSWRsSDJJVG5EZ2Fld2V5OGNlNWczMQswCQYDVQQGEwJVUzEX
          MBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExEDAOBgNVBAcTB1JhbGVpZ2gxFDASBgNV
          BAoTC1JlZCBIYXQgSW5jMR4wHAYDVQQLExVSSEMgQ2xvdWQgT3BvZXJhdGlvbnMx
          FjAUBgNVBAMMDSoucmhjbG91ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
          ggEKAoIBAQCxAEY922gAMY6nxfwDS2gVLqePypw/jboknS274rnuppSmW1dQziCJ
          fnL18kGLROsp+HoU/rdnvBQG/LhNhYWfD5w+sdB6ciUUM4/3u1CE1/gG5XcA/CD6
          8u9cDg1Swyc0isex269x4IRmJX0bdPvH5BEIDaDpkeF+XjpMRWO88IvPsTljkm4N
          PbiGWs57gNUzQV6i/NFH8opRW6IoJ8A78wwzfT3lylx4W2IzGHcbG/J4ydsTVYIr
          hbC3qMA3uf8kSOYt1EIVFVbWQyAgCR3usn515HLjlkbMAFUsnTUb9h39NqtehuBL
          Jv4ojClYtj+YzGDKlaLewxxVhh7LDIm9AgMBAAGjggGmMIIBojAfBgNVHSMEGDAW
          gBRCeVQbYc1VKz5j1TxIV/Wf+0XOSjAOBgNVHQ8BAf8EBAMCBLAwHQYDVR0lBBYw
          FAYIKwYBBQUHAwEGCCsGAQUFBwMCMCUGA1UdEQQeMByCDSoucmhjbG91ZC5jb22C
          C3JoY2xvdWQuY29tMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9ndHNzbC1jcmwu
          Z2VvdHJ1c3QuY29tL2NybHMvZ3Rzc2wuY3JsMB0GA1UdDgQWBBS0VOLUqvJ1EhfN
          8iFK2cswdQCuOzAMBgNVHRMBAf8EAjAAMG8GCCsGAQUFBwEBBGMwYTAqBggrBgEF
          BQcwAYYeaHR0cDovL2d0c3NsLW9jc3AuZ2VvdHJ1c3QuY29tMDMGCCsGAQUFBzAC
          hidodHRwOi8vZ3Rzc2wtYWlhLmdlb3RydXN0LmNvbS9ndHNzbC5jcnQwTAYDVR0g
          BEUwQzBBBgpghkgBhvhFAQc2MDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2Vv
          dHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwDQYJKoZIhvcNAQEFBQADggEBAF6q7m65
          Mf/fyL+J6s1Q2PHP886+6DWorFyMPMsXBXA/Ap4Hw3XyZD9GEB3J9nWJXazVbFeT
          X9aowyeaGMzTjwS7EQDEW/WNm5kthJ0giTIl5WU5SigFZFddx1r7Tv8EiyouxeDE
          kX+nX7SaikTGTKl5W46mwuLbAk3ujF7aNRt8ufrNE76RU5SoYGMKM2bFC2zXOW6z
          Xh7Mv51bShWhCUA3H9US66PCAfLVd5ubiXWoha14aHHCFz20Tnpk0dPc4qwBj71i
          5VXUR0y40gQ2BctAuyqRXC3MSnrAtCzpXlBlrZ151HufimLZI4IBbtrAd2mhBxq+
          1szz2FmHB4SIzq8=
          ----END CERTIFICATE----
          subject=/serialNumber=LnhzJHxcX0bIdlH2ITnDgaewey8ce5g3/C=US/ST=North Carolina/L=Raleigh/O=Red Hat Inc/OU=RHC Cloud Opoerations/CN=*.rhcloud.com
          issuer=/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA

          No client certificate CA names sent

          SSL handshake has read 1476 bytes and written 456 bytes

          New, TLSv1/SSLv3, Cipher is AES256-SHA
          Server public key is 2048 bit
          Secure Renegotiation IS supported
          Compression: NONE
          Expansion: NONE
          SSL-Session:
          Protocol : TLSv1
          Cipher : AES256-SHA
          Session-ID: D4B1B77D961933AAD362EDB3424F0594554B6FF2CBA68FEA4F4C65DFCBF571CE
          Session-ID-ctx:
          Master-Key: 8989A172015FF2ED19B0458D643DAB7C412909BBF5B94542B8DADE82D85EB00AEB81606792FB0ED2CC0793751806C00B
          Key-Arg : None
          Start Time: 1379409734
          Timeout : 300 (sec)
          Verify return code: 21 (unable to verify the first certificate)

          Note in the last line "unable to verify the first certificate"

          Show
          RH Bugzilla Integration
          added a comment - matzew@redhat.com made a comment on bug 997108 Running 'openssl s_client -connect delete-pushee.rhcloud.com:8443' I am getting this: Certificate chain 0 s:/serialNumber=LnhzJHxcX0bIdlH2ITnDgaewey8ce5g3/C=US/ST=North Carolina/L=Raleigh/O=Red Hat Inc/OU=RHC Cloud Opoerations/CN=*.rhcloud.com i:/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA — Server certificate ---- BEGIN CERTIFICATE ---- MIIFFzCCA/+gAwIBAgIDAf0eMA0GCSqGSIb3DQEBBQUAMEAxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEYMBYGA1UEAxMPR2VvVHJ1c3QgU1NM IENBMB4XDTEzMDIwMjE5MTUzN1oXDTE1MDUwODAxNDkxM1owgbExKTAnBgNVBAUT IExuaHpKSHhjWDBiSWRsSDJJVG5EZ2Fld2V5OGNlNWczMQswCQYDVQQGEwJVUzEX MBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExEDAOBgNVBAcTB1JhbGVpZ2gxFDASBgNV BAoTC1JlZCBIYXQgSW5jMR4wHAYDVQQLExVSSEMgQ2xvdWQgT3BvZXJhdGlvbnMx FjAUBgNVBAMMDSoucmhjbG91ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQCxAEY922gAMY6nxfwDS2gVLqePypw/jboknS274rnuppSmW1dQziCJ fnL18kGLROsp+HoU/rdnvBQG/LhNhYWfD5w+sdB6ciUUM4/3u1CE1/gG5XcA/CD6 8u9cDg1Swyc0isex269x4IRmJX0bdPvH5BEIDaDpkeF+XjpMRWO88IvPsTljkm4N PbiGWs57gNUzQV6i/NFH8opRW6IoJ8A78wwzfT3lylx4W2IzGHcbG/J4ydsTVYIr hbC3qMA3uf8kSOYt1EIVFVbWQyAgCR3usn515HLjlkbMAFUsnTUb9h39NqtehuBL Jv4ojClYtj+YzGDKlaLewxxVhh7LDIm9AgMBAAGjggGmMIIBojAfBgNVHSMEGDAW gBRCeVQbYc1VKz5j1TxIV/Wf+0XOSjAOBgNVHQ8BAf8EBAMCBLAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMCUGA1UdEQQeMByCDSoucmhjbG91ZC5jb22C C3JoY2xvdWQuY29tMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9ndHNzbC1jcmwu Z2VvdHJ1c3QuY29tL2NybHMvZ3Rzc2wuY3JsMB0GA1UdDgQWBBS0VOLUqvJ1EhfN 8iFK2cswdQCuOzAMBgNVHRMBAf8EAjAAMG8GCCsGAQUFBwEBBGMwYTAqBggrBgEF BQcwAYYeaHR0cDovL2d0c3NsLW9jc3AuZ2VvdHJ1c3QuY29tMDMGCCsGAQUFBzAC hidodHRwOi8vZ3Rzc2wtYWlhLmdlb3RydXN0LmNvbS9ndHNzbC5jcnQwTAYDVR0g BEUwQzBBBgpghkgBhvhFAQc2MDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2Vv dHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwDQYJKoZIhvcNAQEFBQADggEBAF6q7m65 Mf/fyL+J6s1Q2PHP886+6DWorFyMPMsXBXA/Ap4Hw3XyZD9GEB3J9nWJXazVbFeT X9aowyeaGMzTjwS7EQDEW/WNm5kthJ0giTIl5WU5SigFZFddx1r7Tv8EiyouxeDE kX+nX7SaikTGTKl5W46mwuLbAk3ujF7aNRt8ufrNE76RU5SoYGMKM2bFC2zXOW6z Xh7Mv51bShWhCUA3H9US66PCAfLVd5ubiXWoha14aHHCFz20Tnpk0dPc4qwBj71i 5VXUR0y40gQ2BctAuyqRXC3MSnrAtCzpXlBlrZ151HufimLZI4IBbtrAd2mhBxq+ 1szz2FmHB4SIzq8= ---- END CERTIFICATE ---- subject=/serialNumber=LnhzJHxcX0bIdlH2ITnDgaewey8ce5g3/C=US/ST=North Carolina/L=Raleigh/O=Red Hat Inc/OU=RHC Cloud Opoerations/CN=*.rhcloud.com issuer=/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA — No client certificate CA names sent — SSL handshake has read 1476 bytes and written 456 bytes — New, TLSv1/SSLv3, Cipher is AES256-SHA Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : AES256-SHA Session-ID: D4B1B77D961933AAD362EDB3424F0594554B6FF2CBA68FEA4F4C65DFCBF571CE Session-ID-ctx: Master-Key: 8989A172015FF2ED19B0458D643DAB7C412909BBF5B94542B8DADE82D85EB00AEB81606792FB0ED2CC0793751806C00B Key-Arg : None Start Time: 1379409734 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) — Note in the last line "unable to verify the first certificate"

            People

            • Assignee:
              Matthias Wessendorf
              Reporter:
              Matthias Wessendorf
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: