Good morning ,

"You need to have correctly set up engine FQDN and it has to be resolvable. If you don't have correctly set engine FQDN, you can fix that ​​using ovirt​-engine-rename tool, more info can be found at:

https://www.ovirt.org/documentation/how-to/networking/changing-engine-hostname/ "

can I make the procedure with host and vms in production?

Thanks.

2016-08-03 14:34 GMT-03:00 Martin Perina <mperina@redhat.com>:


On Wed, Aug 3, 2016 at 5:25 PM, Fabrice Bacchella <fabrice.bacchella@icloud.com> wrote:
Next step :

The UI says, even with a restarted navigator:

org.codehaus.jackson.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (number, String, array, object, 'true', 'false' or 'null') at [Source: java.io.StringReader@74749f78; line: 3, column: 2]

​I haven't seen this error before, could you please share server.log and engine.log?
 


I shift-reload, got a welcome screen, click on "Administration portal". I then got a warning. The vhost for ovirt is "ovirt.mydomain", but I got a redirect to:
https://ovirt.mydomain/ovirt-engine/webadmin/sso/login?&app_url=https%3A%2F%2Fovirt.mydomain%2Fovirt-engine%2Fwebadmin%2F%3Flocale%3Den_US&locale=en_US
that then redirect to:
https://realhost.mydomain:443/ovirt-engine/sso/oauth/authorize?client_id=ovirt-engine-core&response_type=code&redirect_uri=https%3A%2F%2Fovirt.mydomain%3A443%2Fovirt-engine%2Fwebadmin%2Fsso%2Foauth2-callback&scope=ovirt-app-admin+ovirt-app-portal+ovirt-ext%3Dauth%3Asequence-priority%3D%7E&state=5ku3vXkfb10

And it fail with again with still:
org.codehaus.jackson.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (number, String, array, object, 'true', 'false' or 'null') at [Source: java.io.StringReader@328a4512; line: 3, column: 2]​ 

Many requests were send to ovirt.mydomain, but just one to realhost.mydomain:443, I don't know why.

​You need to have correctly set up engine FQDN and it has to be resolvable. If you don't have correctly set engine FQDN, you can fix that ​
​using ovirt​-engine-rename tool, more info can be found at:

https://www.ovirt.org/documentation/how-to/networking/changing-engine-hostname/

Also be aware that you need to use that engine FQDN to access oVirt 4.0


I didn't ask for any SSO, I already use my own (CAS), it was working well and the update never ask for activating something new.

​This is one of the oVirt 4.0 features​, we have implemented OAUTH SSO for all engine parts: webadmin, userportal and restapi. If you are using CAS (althought it's officially supported by oVirt), that probably means you have configured cas authentication on Apache, passing authenticated username using aaa-misc as authn extension and aaa-ldap as authz extension (to get group memberships for authenticated user). If that's true then please take a look at

https://bugzilla.redhat.com/show_bug.cgi?id=1342192

there are some changes on Apache configuration (the bug is for kerberos, but I suspect similar config is needed also for cas module in apache).



> Le 3 août 2016 à 15:09, Martin Perina <mperina@redhat.com> a écrit :
>
> Hi,
> please follow steps as described in BZ:
>
> 1. Create /etc/ovirt-engine/engine.conf.d/99-custom-truststore.conf (you may choose different filename but it has to end with '.conf' suffix) with following content:
>
>   ENGINE_HTTPS_PKI_TRUST_STORE="<full path to your java keystore>"
>   ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD="<password to your java keystore>"
>
> 2. Restart the engine
>
> If the above doesn't work please attach server.log/engine.log
>
> Thanks
>
> Martin Perina



_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users