On Thu, Sep 14, 2023 at 10:26 AM Lars Stolpe <lars.stolpe@bvg.de> wrote:

Hi, I wanted to add short names to the webgui apache certificate. I followed these instructions: „Engine can be accessed using alternate host names (or IP addresses) that can configured by adding a new configuration file (for example /etc/ovirt-engine/engine.conf.d/99-custom-sso-setup.conf) with following content: SSO_ALTERNATE_ENGINE_FQDNS="alias1.example.com alias2.example.com" The list of alternate names has to be listed separated by spaces. It's possible to add also IP addresses of engine host, but using IP addresses instead of DNS names is not considered to be a good practise. Run engine-setup to generate new certificates.“

Where did you copy this from?

Certificates where not renewed. How do i get engine-setup to renew the apache certificate?

engine-setup can renew certificates that were generated by itself, not any random cert. If you add new names to the engine using SSO_ALTERNATE_ENGINE_FQDNS, you usually use certs generated elsewhere, not ones from engine-setup. Best regards, -- Didi