Greetings,

OS: Scientific Linux 7.3
Ovirt: 4.1.6.2-1.el7.centos
Foreman: 1.16.0-RC1

I updated my OVirt SSL cert from a self-signed to a purchased one using
the directions here:
https://www.ovirt.org/documentation/admin-guide/appe-oVirt_and_SSL/

Everything seems to work from the web interface.

Then I tried to add in Foreman. Thats where I get the error:

Unable to save
ERF56-1309 [Foreman::FingerprintException]: The remote system presented
a public key signed by an unidentified certificate authority. If you are
sure the remote system is authentic, go to the compute resource edit
page, press the 'Test Connection' or 'Load Datacenters' button and submit.

Everything I can find says that it *should* be resolved - From Red Hat,
to Foreman, to even the Ovirt list! Yet there it is!

Well after poking at it for a while, I realized that the cert Foreman
was auto-resolving was still the /OLD/ cert!

Step #2 in those ovirt directions says to break the symbolic link to
/etc/pki/ovirt-engine/ca.pem. But it doesn't say what to do with that
file. So I replaced it with my cert. Restarted ovirt and now Foreman
resolves the correct X509 cert! (I have no idea if that broke something
else.)

But I still get the error in foreman. :-(

I feel like I'm still missing something in the ovirt configs. Something
needs to be updated/replaced in ovirt that isn't in those docs.

Can anyone help me out please? I've been trying for hours and not making

progress.
Thanks!

~Stack~



_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users