[ovirt-users] Re: PKIX path error

On 2020-05-29 08:08, Martin Perina wrote: Hi Stack, if I understand correctly your custom SSL certificates are working correctly and you are able to login to webadmin using admin@internal, right? Correct. If the problem is, that your aaa-ldap profile is not visible in the login dialog, then there is some issue with aaa-ldap configuration. You have mentioned that you used ovirt-engine-extension-aaa-ldap-setup tool to create you aaa-ldap profile, have you executed login and search operation at the end of setup tool? If so, were they successful? I did and yes they were. Anyway right you can use following command to debug your aaa extensions setup: # ovirt-engine-extensions-tool info list-extensions Using above command, could you see authn and authz instance of your aaa-ldap profile? I do see both authz and authn. If so, please try below tests: 1. Checking is user search is working: # ovirt-engine-extensions-tool aaa search --extension-name=<YOUR PROFILE AUTHZ NAME> --entity-name=<VALID LDAP USERNAME> It does work and it returns valid information. 2. Checking if login is working # ovirt-engine-extensions-tool aaa login-user --profile=<YOUR PROFILE NAME> --user-name=<VALID LDAP USERNAME> A result=SUCCESS on that too! However, I still don't see a second profile option on the web login. Thanks for responding and giving me some help!