On Tue, Oct 10, 2017 at 11:48 PM, ~Stack~ <i.am.stack@gmail.com> wrote:
Greetings,
OS: Scientific Linux 7.3 Ovirt: 4.1.6.2-1.el7.centos Foreman: 1.16.0-RC1
I updated my OVirt SSL cert from a self-signed to a purchased one using the directions here: https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL/
Everything seems to work from the web interface.
Then I tried to add in Foreman. Thats where I get the error:
Unable to save ERF56-1309 [Foreman::FingerprintException]: The remote system presented a public key signed by an unidentified certificate authority. If you are sure the remote system is authentic, go to the compute resource edit page, press the 'Test Connection' or 'Load Datacenters' button and submit.
Everything I can find says that it *should* be resolved - From Red Hat, to Foreman, to even the Ovirt list! Yet there it is!
Well after poking at it for a while, I realized that the cert Foreman was auto-resolving was still the /OLD/ cert!
Step #2 in those ovirt directions says to break the symbolic link to /etc/pki/ovirt-engine/ca.pem. But it doesn't say what to do with that file. So I replaced it with my cert. Restarted ovirt and now Foreman resolves the correct X509 cert! (I have no idea if that broke something else.)
But I still get the error in foreman. :-(
I feel like I'm still missing something in the ovirt configs. Something needs to be updated/replaced in ovirt that isn't in those docs.
Can anyone help me out please? I've been trying for hours and not making
Hi, are you able to login to oVirt webadmin successfully? If so then oVirt side should be fine. About Foreman, is it installed on the same machine as oVirt? If not could you please check, that your custom CA is included either in host wide truststore or in specific trustore for Foreman (no idea what Foreman is using, better to ask in specific Foreman mailing list). Regards Martin
progress. Thanks!
~Stack~
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users