[ovirt-users] 3.6 to 4.0 upgrade cert issue

Martin Perina mperina at redhat.com
Fri Jun 24 18:58:07 UTC 2016 

On Fri, Jun 24, 2016 at 7:43 PM, Scott <romracer at gmail.com> wrote:

> You need to import your intermediate certificate and possibly your CA
> certificate into the ovirt-engine keystore.  This is the command I used:
>
> sudo keytool -importcert -trustcacerts -keystore
> /etc/pki/ovirt-engine/.truststore -storepass mypass -file
> /etc/pki/tls/certs/startcom.class1.server.ca.pem
>
> The password is actually "mypass".
>

​This is not a correct solution although it's working for now. Correct
steps are described at [1].

Thanks

Martin Perina

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1336838
​


>
> Scott
>
> On Fri, Jun 24, 2016 at 11:33 AM Matt Haught <dmhaught at ncsu.edu> wrote:
>
>> So I switched back to the original self-signed certs that I had luckily
>> saved and was able to get in without error. Is there a new process for
>> using non-self-signed certs with ovirt 4.0?
>>
>> Thanks,
>> --
>> Matt Haught
>>
>> On Fri, Jun 24, 2016 at 11:19 AM, Matt Haught <dmhaught at ncsu.edu> wrote:
>>
>>> I just attempted an upgrade from 3.6 to 4.0 hosted engine and ran into
>>> an problem. The hosted engine vm updated without issue, but when I go to
>>> login to the web interface to continue the process I get:
>>>
>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
>>> valid certification path to requested target
>>>
>>> at every page load and I can't login. I have a feeling that the issue
>>> comes from where I replaced the self-signed certs with trusted ca signed
>>> certs a year ago. Is there a work around?
>>>
>>> CentOS 7.2
>>>
>>> Thanks,
>>>
>>> --
>>> Matt Haught
>>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20160624/0a9dfe1b/attachment-0001.html>

More information about the Users mailing list