diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java index 160015a6dcd..9f0000eeceb 100755 --- a/server/src/com/cloud/server/ManagementServerImpl.java +++ b/server/src/com/cloud/server/ManagementServerImpl.java @@ -16,12 +16,14 @@ // under the License. package com.cloud.server; +import java.io.UnsupportedEncodingException; import java.lang.reflect.Field; import java.net.Inet6Address; import java.net.InetAddress; import java.net.URI; import java.net.URISyntaxException; import java.net.UnknownHostException; +import java.net.URLDecoder; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.util.ArrayList; @@ -2808,18 +2810,32 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe } } - if (cmd.getPrivateKey() != null && !_ksMgr.validateCertificate(cmd.getCertificate(), cmd.getPrivateKey(), cmd.getDomainSuffix())) { + String certificate = cmd.getCertificate(); + String key = cmd.getPrivateKey(); + try { + if (certificate != null) + certificate = URLDecoder.decode(certificate, "UTF-8"); + if (key != null) + key = URLDecoder.decode(key, "UTF-8"); + } catch (UnsupportedEncodingException e) { + } finally { + } + + if (cmd.getPrivateKey() != null && !_ksMgr.validateCertificate(certificate, key, cmd.getDomainSuffix())) { throw new InvalidParameterValueException("Failed to pass certificate validation check"); } if (cmd.getPrivateKey() != null) { - _ksMgr.saveCertificate(ConsoleProxyManager.CERTIFICATE_NAME, cmd.getCertificate(), cmd.getPrivateKey(), cmd.getDomainSuffix()); + _ksMgr.saveCertificate(ConsoleProxyManager.CERTIFICATE_NAME, certificate, key, cmd.getDomainSuffix()); } else { - _ksMgr.saveCertificate(cmd.getAlias(), cmd.getCertificate(), cmd.getCertIndex(), cmd.getDomainSuffix()); + _ksMgr.saveCertificate(cmd.getAlias(), certificate, cmd.getCertIndex(), cmd.getDomainSuffix()); } _consoleProxyMgr.setManagementState(ConsoleProxyManagementState.ResetSuspending); - return "Certificate has been updated, we will stop all running console proxy VMs to propagate the new certificate, please give a few minutes for console access service to be up again"; + List alreadyRunning = _secStorageVmDao.getSecStorageVmListInStates(null, State.Running, State.Migrating, State.Starting); + for (SecondaryStorageVmVO ssVmVm : alreadyRunning) + _secStorageVmMgr.rebootSecStorageVm(ssVmVm.getId()); + return "Certificate has been updated, we will stop all running console proxy VMs and secondary storage VMs to propagate the new certificate, please give a few minutes for console access service to be up again"; } @Override diff --git a/ui/scripts/ui-custom/physicalResources.js b/ui/scripts/ui-custom/physicalResources.js index 69c0295c08d..cb1f8deeb12 100644 --- a/ui/scripts/ui-custom/physicalResources.js +++ b/ui/scripts/ui-custom/physicalResources.js @@ -77,10 +77,11 @@ var $loading = $('
').addClass('loading-overlay'); $('.system-dashboard-view:visible').prepend($loading); $.ajax({ + type: "POST", url: createURL('uploadCustomCertificate'), data: { - certificate: args.data.certificate, - privatekey: args.data.privatekey, + certificate: encodeURIComponent(args.data.certificate), + privatekey: encodeURIComponent(args.data.privatekey), domainsuffix: args.data.domainsuffix }, dataType: 'json', @@ -130,4 +131,4 @@ return resourceChart(args); }; }; -}(cloudStack, jQuery)); \ No newline at end of file +}(cloudStack, jQuery));