5:04 p.m.
I have an oVirt 4.1 cluster that was initially installed with 3.5 in
2014. The SSL certificates on the physical hosts in
/etc/pki/vdsm/libvirt-spice have a problem - the "not before" date is
invalid (it doesn't include a time zone), and so I can't connect to VM
consoles from a client with OpenSSL 1.1.0i (up to date Fedora 27).
How can I regenerate these certificates?
Also, I noticed they expire next year - is that expiration handled
automatically?
--
Chris Adams <cma(a)cmadams.net>
2:59 p.m.
Hello Chris,
engine-setup should renew the certificates, the event notifier can
send warnings about expired or expiring certificates.
Regards,
Paul S.
________________________________________
From: Chris Adams <cma(a)cmadams.net>
Sent: 02 October 2018 15:04
To: users(a)ovirt.org
Subject: [ovirt-users] Bad libvirt-spice certificate - regenerate?
I have an oVirt 4.1 cluster that was initially installed with 3.5 in
2014. The SSL certificates on the physical hosts in
/etc/pki/vdsm/libvirt-spice have a problem - the "not before" date is
invalid (it doesn't include a time zone), and so I can't connect to VM
consoles from a client with OpenSSL 1.1.0i (up to date Fedora 27).
How can I regenerate these certificates?
Also, I noticed they expire next year - is that expiration handled
automatically?
--
Chris Adams <cma(a)cmadams.net>
_______________________________________________
Users mailing list -- users(a)ovirt.org
To unsubscribe send an email to users-leave(a)ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/3EMV5VLZMMT...
To view the terms under which this email is distributed, please go to:-
http://disclaimer.leedsbeckett.ac.uk/disclaimer/disclaimer.html
4:06 p.m.
Is there a way to force the libvirt-spice certificates to be renewed now
(since they are invalid and keeping me from connecting to VM consoles)?
Once upon a time, Staniforth, Paul <P.Staniforth(a)leedsbeckett.ac.uk> said:
Hello Chris,
engine-setup should renew the certificates, the event notifier can
send warnings about expired or expiring certificates.
Regards,
Paul S.
________________________________________
From: Chris Adams <cma(a)cmadams.net>
Sent: 02 October 2018 15:04
To: users(a)ovirt.org
Subject: [ovirt-users] Bad libvirt-spice certificate - regenerate?
I have an oVirt 4.1 cluster that was initially installed with 3.5 in
2014. The SSL certificates on the physical hosts in
/etc/pki/vdsm/libvirt-spice have a problem - the "not before" date is
invalid (it doesn't include a time zone), and so I can't connect to VM
consoles from a client with OpenSSL 1.1.0i (up to date Fedora 27).
How can I regenerate these certificates?
Also, I noticed they expire next year - is that expiration handled
automatically?
--
Chris Adams <cma(a)cmadams.net>
_______________________________________________
Users mailing list -- users(a)ovirt.org
To unsubscribe send an email to users-leave(a)ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/3EMV5VLZMMT...
To view the terms under which this email is distributed, please go to:-
http://disclaimer.leedsbeckett.ac.uk/disclaimer/disclaimer.html
--
Chris Adams <cma(a)cmadams.net>
2241
days inactive
2244
days old
3 comments
3 participants
participants (3)
-
Chris Adams -
p.staniforth@leedsbeckett.ac.uk -
Staniforth, Paul