Re: [ovirt-users] Unable to login to the WEB UI
Hi,
please follow steps as described in BZ:
1. Create /etc/ovirt-engine/engine.conf.d/99-custom-truststore.conf (you
may choose different filename but it has to end with '.conf' suffix) with
following content:
ENGINE_HTTPS_PKI_TRUST_STORE="<full path to your java keystore>"
ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD="<password to your java
keystore>"
2. Restart the engine
If the above doesn't work please attach server.log/engine.log
Thanks
Martin Perina
On Wed, Aug 3, 2016 at 2:49 PM, Fabrice Bacchella <
fabrice.bacchella(a)icloud.com> wrote:
Indeed, the certificate for the web interface is not coming from
ovirt's
internal PKI, but from our own internal one.
I have a custom trust store not located in /etc/pki/java/cacerts, I did
try to add ENGINE_PROPERTIES="${ENGINE_PROPERTIES}
javax.net.ssl.trustStore=.../allmyca.jks
javax.net.ssl.trustStorePassword=''" in a file in
/etc/ovirt-engine/engine.conf.d but it didn't help.
Can I add them in /etc/pki/ovirt-engine/.truststore ?
>
> Le 3 août 2016 à 13:22, Martin Perina <mperina(a)redhat.com> a écrit :
>
> Hi,
>
> are you using HTTPS certificate signed by external CA? If so please
follow steps described in Doc Text of
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1336838
>
> Thanks
>
> Martin Perina
>
>
> On Wed, Aug 3, 2016 at 1:18 PM, Fabrice Bacchella <
fabrice.bacchella(a)icloud.com> wrote:
> After the upgrad, I'm unable to log in, I'm getting the following error:
>
> sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
valid certification path
> to requested target
>
>
> Where should I look to correct that ?
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
Attachments:
- attachment.html (text/html — 3.3 KB)