[root@control1 ovirt-engine]# openssl s_client -showcerts -connect 192.168.101.16:54321 | openssl x509 -text -noout | grep -A2 Validity
Can't use SSL_get_servername
depth=1 C = US, O = opentech.local, CN = control1.opentech.local.54279
verify error:num=19:self signed certificate in certificate chain
verify return:1
depth=1 C = US, O = opentech.local, CN = control1.opentech.local.54279
verify return:1
depth=0 O = opentech.local, CN = 192.168.101.16
verify return:1
140358921414464:error:1409445C:SSL routines:ssl3_read_bytes:tlsv13 alert certificate required:ssl/record/rec_layer_s3.c:1543:SSL alert number 116
Validity
Not Before: Jan 10 16:57:10 2022 GMT
Not After : Feb 13 16:57:10 2023 GMT
[root@control1 ovirt-engine]# gunzip -c *\.gz | ack 'certification is about to expire' | grep ovirt-host6 | awk '{print $1 " " $2 " " $10}'
2022-01-11 20:57:33,890+07 ovirt-host6.opentech.local
2022-01-12 20:57:33,925+07 ovirt-host6.opentech.local
2022-01-13 20:57:33,958+07 ovirt-host6.opentech.local
Yesterday I was restarted ovirt-engine, now this alerts are gone
The certificate enrolling routine should be documented
Thanks,
k
Martin, is this something which can fit in oVirt administration documentation?
Konstantin, what's the purpose of getting the certificate's dates?