To reply to my own email:

This is now fixed.

I originally ran these steps for the upgrade:

# yum install http://resources.ovirt.org/pub/yum-repo/ovirt-release40.rpm
# yum update "ovirt-engine-setup*"
# engine-setup

There were no errors reported during the process. I could login as the internal user without any errors. It was just using an external provider, which made me think it was an aaa issue, so I looked

at the certificate exported from AD which had an expiry of 2063.

I tried running engine-setup again, and this fixed the issue. I have no idea what happened along the way, I will check the logs. I notice it reports:

[ INFO ] Upgrading CA

so it looks like it creates a cert. Why it would have created one with such a short expiry date is a mystery to me.

Hope this helps anyone who might come across this issue

Cheers,

Cam

On Mon, Nov 7, 2016 at 7:03 PM, cmc <iucounu@gmail.com> wrote:

Hi,

I upgraded my engine host from 4.0.2.7 to 4.0.4 and when I attempt to login via a aaa provider I get:

java.security.cert.CertificateExpiredException: NotAfter: Fri Nov 04 00:19:18 GMT 2016,

What certificate is this referring to? The certificate from the aaa provider expires in 2063.

It was fine until the upgrade.

Thanks for any help,

Cam