Digging a little deeper... if I add the Let's Encrypt CA to
/etc/pki/ovirt-engine/.truststore, imageio-proxy works (I can
successfully upload an ISO), so I guess the issue is that imageio-proxy
uses the same cert for web and engine communication and the engine
wasn't happy with the public-CA-signed cert.
So, rather than point part of the engine at a separate trust store (as
the docs recommend), maybe just add the public CA to the engine's
existing trust store?
However, while digging, I also noticed that now the engine is not
communicating with ovirt-provider-ovn, possibly due to a similar issue?
It is having the reverse problem; it rejects the engine's cert.
This is all on 4.2.8 BTW.
--
Chris Adams <cma(a)cmadams.net>
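The trust-store mismatch described in the message above, reproduced with throwaway CAs (an added example, not part of the original post and not oVirt code). A PEM bundle stands in for the engine's Java trust store, and every CA name, file name and host name here is constructed.

```shell
#!/bin/sh
# Constructed demo: a verifier that trusts only an internal CA rejects a
# certificate issued by a different ("public") CA until that CA is added
# to the same trust bundle. Nothing here touches a real oVirt install.

make_ca() {  # $1 = file prefix, $2 = subject CN
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=$2" \
        -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

issue_leaf() {  # $1 = CA prefix, $2 = leaf prefix, $3 = subject CN
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$2.key" -out "$2.csr" 2>/dev/null
    openssl x509 -req -in "$2.csr" -CA "$1.pem" -CAkey "$1.key" \
        -CAcreateserial -days 1 -out "$2.pem" 2>/dev/null
}

trusts() {  # $1 = trust bundle, $2 = cert; status 0 if the chain verifies
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

run_demo() {
    dir=$(mktemp -d) || return 1
    ( cd "$dir" || exit 1
      make_ca internal "constructed-internal-engine-CA"
      make_ca public   "constructed-public-CA"
      issue_leaf public proxy "proxy.example.test"
      # Trust bundle initially holds only the internal CA.
      cp internal.pem truststore.pem
      if trusts truststore.pem proxy.pem; then before=trusted; else before=rejected; fi
      # Add the public CA to the existing bundle and verify again.
      cat public.pem >> truststore.pem
      if trusts truststore.pem proxy.pem; then after=trusted; else after=rejected; fi
      echo "$before $after" )
    rc=$?
    rm -rf "$dir"
    return $rc
}

run_demo   # prints: rejected trusted
```

Adding a public CA to a trust store widens it to every certificate that CA issues, which is the trade-off against keeping a separate trust store for the one component.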