Hello, I have read some posts about renewing ovirt CA on the engine when it has expired with engine-setup --offline, but nothing about renewing hosts certificates when they have expired. In such a case, we can't interact anymore with hosts and vms are in an unknown state. The formal solution is to put the concerned host into maintenance and enroll certificate, but it implies to stop vms. Here are some messages we can find For those who are concerned, I wrote an ansible role following https://access.redhat.com/solutions/3532921 https://galaxy.ansible.com/natman/ovirt_renew_certs Let me know if it fits to your needs. -- Nathanaël Blanchet Supervision réseau SIRE 227 avenue Professeur-Jean-Louis-Viala 34193 MONTPELLIER CEDEX 5 Tél. 33 (0)4 67 54 84 55 Fax 33 (0)4 67 54 84 14 blanchet@abes.fr
