Implementation Details of uploading custom certificate

API - UploadCustomCertificate 

...

• API has to be invoked multiple times to upload the certificates
• Uploading root certificate and the server certificates are mandatory steps.
• Uploading intermediate certificates(s) is optional.
• Self-signed certificates are not supported.
• Reverting back to Realhostip.com or the last certificate is not supported.

DataBase - table storing the certificates 'keystore'

Schema - 

mysql> desc keystore;
+---------------+---------------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+---------------+---------------------+------+-----+---------+----------------+
| id | bigint(20) unsigned | NO | PRI | NULL | auto_increment |
| name | varchar(64) | NO | UNI | NULL | |
| certificate | text | NO | | NULL | |
| key | text | YES | | NULL | |
| domain_suffix | varchar(256) | NO | | NULL | |
| seq | int(11) | YES | | NULL | |
+---------------+---------------------+------+-----+---------+----------------+

SSVM

• SSVM java keystore has the right certificate  (keytool -list -keystore /usr/local/cloud/systemvm/certs/realhostip.keystore -storepass vmops.com)
• Apache server has the latest key and cert - /etc/ssl/private/cert_apache.key and /etc/ssl/certs/cert_apache.crt

• /etc/apache2/sites-available/default-ssl is the file for apache server where we configure the chain location (and server cert with private key)

...