This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --4BFXM4dprdXvY9i0EwAh1haI8NcHpGu91 Content-Type: multipart/mixed; boundary="HEq0HKrZuQcDum2lNJDexCSlzddd54KDf"; protected-headers="v1" From: ~Stack~ <i.am.stack@gmail.com> To: Yedidyah Bar David <didi@redhat.com>, Yaniv Kaul <ykaul@redhat.com> Cc: users <users@ovirt.org> Message-ID: <9c8ad0ff-9510-d524-9dc6-310666264876@gmail.com> Subject: Re: [ovirt-users] Issue with 4.2.1 RC and SSL References: <ff271e8b-7ec9-f0b6-6e00-511c5aad1b27@gmail.com> <CAMuConxhWp=LStDpGCwCo5vK31qFd_2cLLf-WzXELwMSHDws6g@mail.gmail.com> <4179b0be-6579-d86e-dc2e-e64c5e3cb57b@gmail.com> <CAJgorsa9wyT4AT0gZx0JD2teh25yg0HgHwSntfCoyAtwx3_W2w@mail.gmail.com> <CAHRwYXsL1T3kCkdExQfQ2+4j4kk00FFGCbi4erzhqFNDmSyzSA@mail.gmail.com> In-Reply-To: <CAHRwYXsL1T3kCkdExQfQ2+4j4kk00FFGCbi4erzhqFNDmSyzSA@mail.gmail.com> --HEq0HKrZuQcDum2lNJDexCSlzddd54KDf Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 02/11/2018 02:41 AM, Yedidyah Bar David wrote:
On Sun, Feb 11, 2018 at 10:26 AM, Yaniv Kaul <ykaul@redhat.com> wrote:
On Sun, Feb 11, 2018 at 2:43 AM, ~Stack~ <i.am.stack@gmail.com> wrote:=
[snip]
We decided to just start from scratch and my coworker watched and confirmed every step. It works! No problems at all this time. Further=
evidence that I goofed _something_ up the first time.
We should really have an Ansible role that performs the conversion to self-signed certificates. That would make the conversion easier and safer. =20 +1 =20 Not sure "self-signed" is the correct term here. Also the internal engine CA's cert is self-signed. =20 I guess you refer to this: =20 https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL/ =20 I'd call it "configure-3rd-party-CA" or something like that.
Greetings, Another +1 from me (obviously! :-). I also agree in that we are not doing a self-signed cert, but rather we've purchased a cert from one of the big-name-CA-vendors that is valid for our domain. "configure-3rd-party-CA" makes more sense to me. Lastly, that is the link that I used for a guide. Thanks! ~Stack~ --HEq0HKrZuQcDum2lNJDexCSlzddd54KDf-- --4BFXM4dprdXvY9i0EwAh1haI8NcHpGu91 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJagLiUAAoJELkej+ysXJPmISAP/j244ZJaeOwD6DgasjjO+8on Ocb4h8PAt6W2aFIVSOW63XyE78gxaLI92p2yFB/lK2YSEmPM0vZH385BMswNZOSR ms16EEmOPM7zAbd4YSZW0N+VEHvOgwp6tUA5JXR5mb0n6a1+ioPC9jTOAgd+bdIZ WqdCnDpjij5cEz22Iptv2FMgCYNU1oA6HKXb3Mvlfl6Q9Aj+xx66wyAgVnMuII8I dQQKfKMVKmak691p0eNdByjOw0k3ShdYDjsSyetwe6RSZhKH+PjIBSLrvS9CsseI EDFC4ZyZ+NxWqUw0n+t3PTFMnOSW6lZ/RPzEcKROSY0CFE0DyULRbQATV5co+NCo CnH2HzIxbQ7m+n4QzzP+fGlnbSwHkSaI8+iKQCvVkplXTsXaktm4McH6qw6ctbgg UU3/5genkTvva9A39U5Q37XW3D+xnIlIyqlaUEp57OGrrwpujrLwBWoHCFpePegB 6T3g8qQrI8sjzeVFVJWdzfZawMk43btbBSLhUNu0oGMovM0iQd26K5kqatwYCPaY k9QA17+UWAkVlQMqz+Hif+yMYcNPaa/g88Sg+3qGQyPAh8NVcYlcwEfmGnjOxAv7 IHrrhbO7nlaf97ujNPdkWTAS2TQOoW0eaXE3beVl7RRXj/wD5Gcm7S43BfDS8VR+ aJZRPGPc9nRK8eU1UTra =cpoB -----END PGP SIGNATURE----- --4BFXM4dprdXvY9i0EwAh1haI8NcHpGu91--