All,
I recently bought a wildcard certificate for my lab domain (shadowman.dev) and I replaced all the certs on my RHV4.3 machine per our documentation.  The WebUI presents the certs successfully and without any issues, and everything seemed to be fine, until I tried to upload a disk image (or an ISO) to my storage domain.  I get this error in the events tab:

https://share.getcloudapp.com/p9uPvegx
image.png

I also see that the disk is showing up in my storage domain, but its showing "Paused by System" and I can't do anything with it.  I cant even delete it!

I have tried following this document to fix the issue, but it didn't work: https://access.redhat.com/solutions/4148361

I am seeing this error pop into my engine.log:  https://pastebin.com/kDLSEq1A

And I see this error in my image-proxy.log: 
WARNING 2020-07-24 15:26:34,802 web:137:web:(log_error) ERROR [172.17.0.30] PUT /tickets/ [403] Error verifying signed ticket: Invalid ovirt ticket (data='------my_ticket_data-----', reason=Untrusted certificate) [request=0.002946/1]

Now, when I bought my wildcard, I was given a root certificate for the CA, as well as a separate intermediate CA certificate from the provider.  Likewise, they gave me a certificate and a private key of course. The root and intermediate CA's certificates have been added to /etc/pki/ca-trust/source/anchors/ and I did an update-ca-trust.   

I also started experiencing issues with the ovpn network provider at the same time I replaced the SSL certs, but I disregarded it at the time, but now I am thinking its related.  Any advice on what to look for to fix the ovirt-imageio-proxy?

Thanks!


Lynn Dixon | Red Hat Certified Architect #100-006-188
Solutions Architect | NA Commercial
Google Voice: 423-618-1414
Cell/Text: 423-774-3188