Hi, Now certificates on engine and hosts don’t match, engine and vdsm services on hosts can’t handshake. Here it is: jlsanz - at - albasoft - dot - com
On 30 Aug 2022, at 13:06, vk@itiviti.com wrote:
Hi Andrei,
thx a lot for your answer.
I tried several time the engine-setup command but it always ends with same above error.
DO you have the email of Jose?
A colleague renewed the cert manually on the engine whith these commands:
# SUBJECT="$(openssl x509 -subject -noout -in /etc/pki/ovirt-engine/certs/apache.cer.20220829164912 | sed 's/subject= //')" # /usr/share/ovirt-engine/bin/pki-enroll-pkcs12.sh --name=apache --password="@PASSWORD@" --subject=/C=US/O=<domain_suffix>/CN=<engine fqdn> # openssl pkcs12 -passin "pass:@PASSWORD@" -nokeys -in /etc/pki/ovirt-engine/keys/apache.p12 > /etc/pki/ovirt-engine/certs/apache.cer # openssl pkcs12 -passin "pass:@PASSWORD@" -nocerts -nodes -in /etc/pki/ovirt-engine/keys/apache.p12 > /etc/pki/ovirt-engine/keys/apache.key.nopass # chmod 0600 /etc/pki/ovirt-engine/keys/apache.key.nopass # systemctl restart httpd.service ovirt-engine.service
but now, our 2 hosts are unresponsive...
Thx _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/TOKUA5HCM2SSDS...