Hello George,

Probably your engine and provider certs do not match.
The engine pki should be in:
    /etc/pki/ovirt-engine/certs/
The provider keys are defined in the SSL section of the config file (/etc/ovirt-provider-ovn/conf.d/...):
    [SSL]
    https-enabled=true
    ssl-key-file=...
    ssl-cert-file=...
    ssl-cacert-file=...
You can compare the keys/certs using openssl.

Was the provider created using egine-setup?

For testing purposes you can change the "https-enabled" to false and try connecting using http.

Thanks,
Marcin

On Thu, Feb 8, 2018 at 12:58 PM, Ilya Fedotov <kosha79@gmail.com> wrote:
Hello, Georgy

 Maybe, the problem have the different domain name and name your node name(local domain), and certificate note valid.



with br, Ilya

2018-02-05 22:36 GMT+03:00 George Sitov <usual.man@gmail.com>:
Hello!

I have a problem  wiith configure  external provider.

Edit config file - ovirt-provider-ovn.conf, set ssl parameters.
systemctl start ovirt-provider-ovn start without problem.
In external  proveder in web gui i set:
Provider URL:  https://ovirt.mydomain.com:9696
Username: admin@internal
Authentication URL: https://ovirt.mydomain.com:35357/v2.0/
But after i press test  button i see error -  Failed to communicate with the external provider, see log for additional details.

/var/log/ovirt-engine/engine.log:
2018-02-05 21:33:55,517+02 ERROR [org.ovirt.engine.core.bll.provider.network.openstack.BaseNetworkProviderProxy] (default task-29) [69fa312e-6e2e-4925-b081-385beba18a6a] Bad Gateway (OpenStack response error code: 502)
2018-02-05 21:33:55,517+02 ERROR [org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand] (default task-29) [69fa312e-6e2e-4925-b081-385beba18a6a] Command 'org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand' failed: EngineException: (Failed with error PROVIDER_FAILURE and code 5050)

In /var/log/ovirt-provider-ovn.log:

2018-02-05 21:33:55,510   Starting new HTTPS connection (1): ovirt.astrecdata.com
2018-02-05 21:33:55,516   [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)
Traceback (most recent call last):
  File "/usr/share/ovirt-provider-ovn/handlers/base_handler.py", line 126, in _handle_request
    method, path_parts, content)
  File "/usr/share/ovirt-provider-ovn/handlers/selecting_handler.py", line 176, in handle_request
    return self.call_response_handler(handler, content, parameters)
  File "/usr/share/ovirt-provider-ovn/handlers/keystone.py", line 33, in call_response_handler
    return response_handler(content, parameters)
  File "/usr/share/ovirt-provider-ovn/handlers/keystone_responses.py", line 60, in post_tokens
    user_password=user_password)
  File "/usr/share/ovirt-provider-ovn/auth/plugin_facade.py", line 26, in create_token
    return auth.core.plugin.create_token(user_at_domain, user_password)
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/plugin.py", line 48, in create_token
    timeout=self._timeout())
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 62, in create_token
    username, password, engine_url, ca_file, timeout)
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 53, in wrapper
    response = func(*args, **kwargs)
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 46, in wrapper
    raise BadGateway(e)
BadGateway: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)

Whan i do wrong ?
Please help.

----
With best regards  Georgii.

_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users



_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users