3:12 p.m.
This is a multi-part message in MIME format...
------------=_1525435956-13373-143
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
[
https://ovirt-jira.atlassian.net/browse/OVIRT-1994?page=com.atlassian.jir...
]
Evgheni Dereveanchin reassigned OVIRT-1994:
-------------------------------------------
Assignee: Evgheni Dereveanchin (was: infra)
foreman certs about to expire
-----------------------------
Key: OVIRT-1994
URL: https://ovirt-jira.atlassian.net/browse/OVIRT-1994
Project: oVirt - virtualization made easy
Issue Type: Task
Reporter: Evgheni Dereveanchin
Assignee: Evgheni Dereveanchin
Priority: High
The oVirt Foreman was deployed on 05.05.2013 and soon most of the certs issued at that
time will expire.
Here's a message shown on one of the older systems under its management:
Warning: Certificate 'Puppet CA: foreman.ovirt.org' will expire on
2018-05-05T19:41:35GMT
Warning: Certificate 'foreman.ovirt.org' will expire on 2018-07-02T13:50:12GMT
Warning: Certificate 'monitoring.ovirt.org' will expire on
2018-05-28T15:32:20GMT
So the CA certificate is expiring this week, the puppetmaster one - in two months and
some client certs - even sooner than that.
A possible fix is to generate new CA and puppetmaster certificates using original CSRs,
then delete /var/lib/puppet/ssl/certs/ca.pem on clients and most of them should keep
working since their own certs will still be signed using the same keys.
--
This message was sent by Atlassian Jira
(v1001.0.0-SNAPSHOT#100083)
------------=_1525435956-13373-143
Content-Type: text/html; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
<html><body>
<pre>[
https://ovirt-jira.atlassian.net/browse/OVIRT-1994?page=com.atlassian.jir...
]</pre>
<h3>Evgheni Dereveanchin reassigned OVIRT-1994:</h3>
<pre>Assignee: Evgheni Dereveanchin (was: infra)</pre>
<blockquote><h3>foreman certs about to expire</h3>
<pre> Key: OVIRT-1994
URL: https://ovirt-jira.atlassian.net/browse/OVIRT-1994
Project: oVirt - virtualization made easy
Issue Type: Task
Reporter: Evgheni Dereveanchin
Assignee: Evgheni Dereveanchin
Priority: High</pre>
<p>The oVirt Foreman was deployed on 05.05.2013 and soon most of the certs issued at
that time will expire. Here's a message shown on one of the older systems under its
management: Warning: Certificate ‘Puppet CA: foreman.ovirt.org’ will
expire on 2018-05-05T19:41:35GMT Warning: Certificate
‘foreman.ovirt.org’ will expire on 2018-07-02T13:50:12GMT Warning:
Certificate ‘monitoring.ovirt.org’ will expire on
2018-05-28T15:32:20GMT So the CA certificate is expiring this week, the puppetmaster one
– in two months and some client certs – even sooner than that. A
possible fix is to generate new CA and puppetmaster certificates using original CSRs, then
delete /var/lib/puppet/ssl/certs/ca.pem on clients and most of them should keep working
since their own certs will still be signed using the same
keys.</p></blockquote>
<p>— This message was sent by Atlassian Jira
(v1001.0.0-SNAPSHOT#100083)</p>
<img
src="https://u4043402.ct.sendgrid.net/wf/open?upn=i5TMWGV99amJbNxJpS...
alt="" width="1" height="1" border="0"
style="height:1px !important;width:1px !important;border-width:0
!important;margin-top:0 !important;margin-bottom:0 !important;margin-right:0
!important;margin-left:0 !important;padding-top:0 !important;padding-bottom:0
!important;padding-right:0 !important;padding-left:0 !important;"/>
</body></html>
------------=_1525435956-13373-143--
2394
days inactive
2394
days old
0 comments
1 participants
participants (1)
-
Evgheni Dereveanchin (oVirt JIRA)