[ovirt-users] Re: ovirt-dr generate
On Mon, Apr 11, 2022 at 1:39 PM Colin Coe <colin.coe(a)gmail.com> wrote:
Hi all
I'm trying to run ovirt-dr generate but its failing:
/usr/share/ansible/collections/ansible_collections/redhat/rhv/roles/disaster_recovery/files/ovirt-dr
generate
Log file: '/tmp/ovirt-dr-1649673243333.log'
[Generate Mapping File] Connection to setup has failed. Please check your credentials:
URL: https://server.fqdn/ovirt-engine/api
user: admin@internal
CA file: ./ca.pem
ca.pem is likely engine self signed certificate...
[Generate Mapping File] Failed to generate var file.
When I examine the log file:
2022-04-11 18:34:03,332 INFO Start generate variable mapping file for oVirt ansible
disaster recovery
2022-04-11 18:34:03,333 INFO Site address: https://server.fqdn/ovirt-engine/api
username: admin@internal
password: *******
ca file location: ./ca.pem
output file location: ./disaster_recovery_vars.yml
ansible play location: ./dr_play.yml
2022-04-11 18:34:03,343 ERROR Connection to setup has failed. Please check your
credentials:
URL: https://server.fqdn/ovirt-engine/api
user: admin@internal
CA file: ./ca.pem
2022-04-11 18:34:03,343 ERROR Error: Error while sending HTTP request: (60, 'SSL
certificate problem: unable to get local issuer certificate')
2022-04-11 18:34:03,343 ERROR Failed to generate var file.
My suspicion is that the script doesn't like third party certs.
Has anyone got this working with third party certs? If so, what did you need to do?
But you are using a 3rd party certificate, so you need to use the
right certificate.
Depending on the code, an empty ca_file can work, or you need to point it to the
actual ca file installed in the system.
I think Didi can help with this.
Nir