On 10/03/2014 02:45 PM, Koen Vanoppen wrote:
Dear all,
I wanted to connected to the ovirt-shell; But I get following error:
The host name "ovirt.brusselsairport.aero <http://ovirt.brusselsairport.aero>" contained in the URL doesn't match any of the names in the server certificate.
This means that there is mismatch between the host name that you use and the name contained in the certificate used by the engine web server. This check is a typical security measure to avoid man in the middle attacks when using SSL. I'd suggest you check the certificate of used by the web server. In my environment, for example: # grep '^SSLCertificateFile' /etc/httpd/conf.d/ssl.conf SSLCertificateFile /etc/pki/ovirt-engine/certs/apache.cer # openssl x509 -in /etc/pki/ovirt-engine/certs/apache.cer -subject -noout subject= /C=US/O=Example Inc./CN=ovirt.example.com The relevant part here is the CN, it should match the name that you put in the "url" parameter of the ovirt-shell. If for whatever the reason you still want to connect using an incorrect host name you can do so setting the "insecure" parameter to True.
My config file: [cli] autoconnect = True autopage = True [ovirt-shell] username = admin timeout = 5 extended_prompt = True url = https://ovirt.brusselsairport.aero/api insecure = False renew_session = False filter = False session_timeout = None ca_file = /root/ca.crt dont_validate_cert_chain = True key_file = None password = ****** #cert_file = None
Ideas?
Kind regards,
Koen
-- Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta 3ºD, 28016 Madrid, Spain Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L.