Please, any help with this? El 29/9/21 a las 13:21, nicolas(a)devels.es escribió:

Thanks, this put me in the correct track. In my case, I just needed to run step 2, as the rest of the configuration is being handled in a different way and works well. I also tried to restart the host and it still works. Thanks for the help! El 2021-10-01 00:13, Edward Berger escribió: > I have an engine with a similar issue. > You might want to revert to the old self signed cert created by > installation, and then follow the instructions at > https://ovirt.org/documentation/administration_guide/index.html > to try re-installing the third party cert after you're sure the > original cert is working properly. > > My temp fix for this (didn't survive an engine VM reboot) was to cat > the cert I was installing with its intermediate-root cert into > > a file named full.crt and then running a command as root like... > > keytool -import -trustcacerts -keystore /etc/pki/java/cacerts > -storepass changeit -alias "$YOURALIAS" -import -file full.crt > and then systemctl restart ovirt-engine #to pick up the change. > > Still trying to track down what's different on this one vs others that > work. > > key size is larger > cert has alternative name. > > On Thu, Sep 30, 2021 at 4:47 PM Nicolás <nicolas(a)devels.es&gt; wrote: > >> Please, any help with this? >> >> El 29/9/21 a las 13:21, nicolas(a)devels.es escribió: >>> Hi, >>> >>> I'm making a bare metal oVirt installation, version 4.4.8. >>> 'ovirt-engine' command ends well, however, we're using a >> third-party >>> certificate (from LetsEncrypt) both for the apache server and the >>> ovirt-websocket-proxy. So we changed configuration files regarding >> >>> httpd and ovirt-websocket-proxy. >>> >>> Once changed the configurations, if I try to log in to the oVirt >>> engine, I get a "PKIX path building failed: >>> sun.security.provider.certpath.SunCertPathBuilderException: unable >> to >>> find valid certification path to requested target" error. >>> >>> In prior versions we used to add the chain to the >>> /etc/pki/ovirt-engine/.truststore file, however, simply listing >> the >>> current certificates seems not to be working on 4.4.8. >>> >>> # LANG=C keytool -list -keystore >> /etc/pki/ovirt-engine/.truststore >>> -alias intermedia_le -storepass mypass >>> keytool error: java.io.IOException: Invalid keystore format >>> >>> Is there something I'm missing here? >>> >>> Thank >>> _______________________________________________ >>> Users mailing list -- users(a)ovirt.org >>> To unsubscribe send an email to users-leave(a)ovirt.org >>> Privacy Statement: https://www.ovirt.org/privacy-policy.html >>> oVirt Code of Conduct: >>> https://www.ovirt.org/community/about/community-guidelines/ >>> List Archives: >>> >> > https://lists.ovirt.org/archives/list/users@ovirt.org/message/5VWVBQGIWJS... >> _______________________________________________ >> Users mailing list -- users(a)ovirt.org >> To unsubscribe send an email to users-leave(a)ovirt.org >> Privacy Statement: https://www.ovirt.org/privacy-policy.html >> oVirt Code of Conduct: >> https://www.ovirt.org/community/about/community-guidelines/ >> List Archives: >> > https://lists.ovirt.org/archives/list/users@ovirt.org/message/VKYBE6TJZFM...