[ovirt-users] oVirt management has lost its SSL.

This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --jqakiCaOmFP9f4FpGI29oNeauWoOxF3aM Content-Type: multipart/mixed; boundary="66cCtMpFhTKBqqwQAsjplKCPdvE5mwege"; protected-headers="v1" From: ~Stack~ <i.am.stack(a)gmail.com&gt; To: users <users(a)ovirt.org&gt; Message-ID: <4db29c1e-4031-aece-e736-855879c5c023(a)gmail.com&gt; Subject: oVirt management has lost its SSL. --66cCtMpFhTKBqqwQAsjplKCPdvE5mwege Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable Greetings, OS: Scientific Linux 7.4 oVirt: 4.1 Everything fully updated. Everything was working great. I received my new network card today to upgrade my ovirt management node (physical node; not self-hosted), took the machine down, swapped the card, and brought it up to many many errors= =2E Here's the basic break-down of my discoveries. 1) My /etc/pki/ovirt-engine/.trustedstore was corrupt. I had lots of messages in my engine.log about it being corrupt. Restored from backup, and oVirt engine was really peeved for not having my domain cert in it (tons of messages in the engine.log file)...figured out how to add my domain cert and it seemed OK. Which led me to... 2) My /etc/pki/ovirt-engine/keys/engine.p12 and /etc/pki/ovirt-engine/keys/apache.p12 are _gone_. Don't have them in my backups either. This results in a massive java dump when I try to start the engine service. 3) I noticed that I had /etc/pki/ovirt-engine/keys/engine.p12.201711021302 which is a time stamp corresponding to when I shut the node down. Then I noticed, that I was missing dang near EVERY file in /etc/pki/ovirt-engine but I had an equivalent file with the ".201711021302" extension. So a touch of bash and I copied all of my "*.201711021302" files with the proper user/group/permissions into their base name. Hooray! No more errors in the log files and all services start!! 4) I open my web browser and head to my management host...and I get this error: Keystore was tampered with, or password was incorrect Well...yeah. I had to fix it in step one. :-/ I'm not getting anything useful out of my Internet searching. I don't know what went wrong or why, but my SSL is just borked. Any suggestions? Thoughts? Ideas? Is there a way to just blow away and start over with the SSL _without_ destroying the VM's (which fortunately they all seem to still be functional!)? Any help would be greatly appreciated. Thanks! ~Stack~ --66cCtMpFhTKBqqwQAsjplKCPdvE5mwege-- --jqakiCaOmFP9f4FpGI29oNeauWoOxF3aM Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" --jqakiCaOmFP9f4FpGI29oNeauWoOxF3aM--