In attempting to replace the default self-signed certificate for Veeam Backup for AWS, I uploaded a certificate in PEM format, which I later found to be unsupported according to the documentation: https://helpcenter.veeam.com/docs/vbaws ... tml?ver=70. Support advised I remove all files located at store /root/.dotnet/corefx/cryptography/x509stores/my/* and reboot, which would apparently cause the default self-signed cert to be recreated. This did not work, and the service would not restart. Tier 1 support recommended redeployment as the best option. After escalation to tier 2, I was guided in a more complex recovery process to generate and configure a new cert, which allowed me to again have access to the UI to be able to upload the correct cert.
As a user interacting with the UI, I should not have been able to reach this invalid state. There should be sufficient input validation/sanitization to prevent this situation from occurring.
Case ID: 07168155
-
mnaltce
- Lurker
- Posts: 1
- Liked: never
- Joined: Mar 13, 2024 5:52 pm
- Full Name: Mariella Nalepa
- Contact:
-
nielsengelen
- Product Manager
- Posts: 5636
- Liked: 1181 times
- Joined: Jul 15, 2013 11:09 am
- Full Name: Niels Engelen
- Contact:
Re: Bug Fix - Upload of certificate in unsupported format causes web service to crash
Hi Mariella,
Thanks for sharing this concern. We'll look into enhancements for this in the future and potentially see how to resolve the support for PEM formats.
Thanks for sharing this concern. We'll look into enhancements for this in the future and potentially see how to resolve the support for PEM formats.
Personal blog: https://foonet.be
GitHub: https://github.com/nielsengelen
GitHub: https://github.com/nielsengelen
Who is online
Users browsing this forum: No registered users and 2 guests