get UI working throug ALIAS and real hostname
This is a multipart message in MIME format. --=_alternative 004E52CAC12580B2_= Content-Type: text/plain; charset="US-ASCII" If I access the UI via "ALIAS" I get the Error-Page "The client is not authorized to request an authorization. It's required to access the system using FQDN. What can I do to get UI working through ALIAS and real hostname? Thx, Emanuel --=_alternative 004E52CAC12580B2_= Content-Type: text/html; charset="US-ASCII" <font size=2 face="sans-serif">If I access the UI via "ALIAS" I get the Error-Page "The client is not authorized to request an authorization. It's required to access the system using FQDN.</font> <br> <br><font size=2 face="sans-serif">What can I do to get UI working through ALIAS and real hostname?</font> <br> <br><font size=2 face="sans-serif">Thx,</font> <br><font size=2 face="sans-serif">Emanuel</font> --=_alternative 004E52CAC12580B2_=--
On 01/24/2017 03:15 PM, emanuel.santosvarina@mahle.com wrote:
If I access the UI via "ALIAS" I get the Error-Page "The client is not authorized to request an authorization. It's required to access the system using FQDN.
What can I do to get UI working through ALIAS and real hostname?
Thx, Emanuel
Create a 99-whatever-you-like.conf file in /etc/ovirt-engine/engine.conf.d with the following content: SSO_ALTERNATE_ENGINE_FQDNS="thealias" Then restart the engine: systemctl restart ovirt-engine This setting is documented here: https://github.com/oVirt/ovirt-engine/blob/master/packaging/services/ovirt-e...
On 24 January 2017 at 15:15, emanuel.santosvarina@mahle.com wrote:
If I access the UI via "ALIAS" I get the Error-Page "The client is not authorized to request an authorization. It's required to access the system using FQDN.
What can I do to get UI working through ALIAS and real hostname?
The Hosted-Engine should be installed & configured with the correct FQDN to begin with. Changing it post install is currently unsupported & can cause a whole host of problems. There are a couple of documented cases where people have attempted to do so with varying success, but non have come out problem free. I'm currently in the same situation after a company domain change and have decided that the risk of unforeseen issues & potential problems down the line, are far greater than the pain of redeploying & migrating to a new environment. A really hacky hack, without interfering with the engine, would be to try & put a reverse proxy in front, but that'll require a load of dynamic rewriting filters to work. On 24 January 2017 at 11:41, Juan Hernández <jhernand@redhat.com> wrote:
Create a 99-whatever-you-like.conf file in /etc/ovirt-engine/engine.conf.d with the following content:
SSO_ALTERNATE_ENGINE_FQDNS="thealias"
Then restart the engine:
systemctl restart ovirt-engine
This setting is documented here:
https://github.com/oVirt/ovirt-engine/blob/master/ packaging/services/ovirt-engine/ovirt-engine.conf.in#L363-L366
AFAIK, the SSL certificates will still need updating & I've read of people still having other issues due to differing FQDNs. Being able to update the HE's FQDN would be of big interest to me, but I've not yet seen one case where it didn't end with anomalies... -- Doug
On 01/24/2017 03:49 PM, Doug Ingham wrote:
On 24 January 2017 at 15:15, emanuel.santosvarina@mahle.com <mailto:emanuel.santosvarina@mahle.com> wrote:
If I access the UI via "ALIAS" I get the Error-Page "The client is not authorized to request an authorization. It's required to access the system using FQDN.
What can I do to get UI working through ALIAS and real hostname?
The Hosted-Engine should be installed & configured with the correct FQDN to begin with. Changing it post install is currently unsupported & can cause a whole host of problems. There are a couple of documented cases where people have attempted to do so with varying success, but non have come out problem free.
I'm currently in the same situation after a company domain change and have decided that the risk of unforeseen issues & potential problems down the line, are far greater than the pain of redeploying & migrating to a new environment.
A really hacky hack, without interfering with the engine, would be to try & put a reverse proxy in front, but that'll require a load of dynamic rewriting filters to work.
On 24 January 2017 at 11:41, Juan Hernández <jhernand@redhat.com <mailto:jhernand@redhat.com>> wrote:
Create a 99-whatever-you-like.conf file in /etc/ovirt-engine/engine.conf.d with the following content:
SSO_ALTERNATE_ENGINE_FQDNS="thealias"
Then restart the engine:
systemctl restart ovirt-engine
This setting is documented here:
https://github.com/oVirt/ovirt-engine/blob/master/packaging/services/ovirt-e... <https://github.com/oVirt/ovirt-engine/blob/master/packaging/services/ovirt-engine/ovirt-engine.conf.in#L363-L366>
AFAIK, the SSL certificates will still need updating & I've read of people still having other issues due to differing FQDNs. Being able to update the HE's FQDN would be of big interest to me, but I've not yet seen one case where it didn't end with anomalies...
Correct, if the FQDN of the engine changes it is a completely different story. But in this case my understanding is that the objective is accessing the engine using an alternative name, probably a DNS CNAME. In that case changing the configuration as proposed should work.
This is a multipart message in MIME format. --=_alternative 0051F9F9C12580B2_= Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: quoted-printable GREAT! THANKS a lot .. Von: Juan Hern=E1ndez <jhernand@redhat.com> An: emanuel.santosvarina@mahle.com, users@ovirt.org,=20 Datum: 24.01.2017 15:41 Betreff: Re: [ovirt-users] get UI working throug ALIAS and real=20 hostname On 01/24/2017 03:15 PM, emanuel.santosvarina@mahle.com wrote:
If I access the UI via "ALIAS" I get the Error-Page "The client is not authorized to request an authorization. It's required to access the system using FQDN. =20 What can I do to get UI working through ALIAS and real hostname? =20 Thx, Emanuel =20
Create a 99-whatever-you-like.conf file in /etc/ovirt-engine/engine.conf.d with the following content: SSO=5FALTERNATE=5FENGINE=5FFQDNS=3D"thealias" Then restart the engine: systemctl restart ovirt-engine This setting is documented here: https://github.com/oVirt/ovirt-engine/blob/master/packaging/services/ovirt-= engine/ovirt-engine.conf.in#L363-L366 --=_alternative 0051F9F9C12580B2_= Content-Type: text/html; charset="ISO-8859-1" Content-Transfer-Encoding: quoted-printable <font size=3D2 face=3D"sans-serif">GREAT! THANKS a lot ..</font> <br> <br> <br> <br><font size=3D1 color=3D#5f5f5f face=3D"sans-serif">Von: &= nbsp; </font><font size=3D1 face=3D"sans-serif">Juan Hern=E1ndez <jherna= nd@redhat.com></font> <br><font size=3D1 color=3D#5f5f5f face=3D"sans-serif">An: &n= bsp; </font><font size=3D1 face=3D"sans-serif">emanuel.santosvarina@mahle.= com, users@ovirt.org, </font> <br><font size=3D1 color=3D#5f5f5f face=3D"sans-serif">Datum: = </font><font size=3D1 face=3D"sans-serif">24.01.2017 15:41</font> <br><font size=3D1 color=3D#5f5f5f face=3D"sans-serif">Betreff: &nbs= p; </font><font size=3D1 face=3D"sans-serif">Re: [ovirt-users] get UI working throug ALIAS and real hostname</font> <br> <hr noshade> <br> <br> <br><tt><font size=3D2>On 01/24/2017 03:15 PM, emanuel.santosvarina@mahle.c= om wrote:<br> > If I access the UI via "ALIAS" I get the Error-Page "The client is not<br> > authorized to request an authorization. It's required to access the<br> > system using FQDN.<br> > <br> > What can I do to get UI working through ALIAS and real hostname?<br> > <br> > Thx,<br> > Emanuel<br> > <br> <br> Create a 99-whatever-you-like.conf file in<br> /etc/ovirt-engine/engine.conf.d with the following content:<br> <br> SSO=5FALTERNATE=5FENGINE=5FFQDNS=3D"thealias"<br> <br> Then restart the engine:<br> <br> systemctl restart ovirt-engine<br> <br> This setting is documented here:<br> <br> <br> </font></tt><a href=3D"https://github.com/oVirt/ovirt-engine/blob/master/pa= ckaging/services/ovirt-engine/ovirt-engine.conf.in#L363-L366"><tt><font siz= e=3D2>https://github.com/oVirt/ovirt-engine/blob/master/packaging/services/= ovirt-engine/ovirt-engine.conf.in#L363-L366</font></tt></a><tt><font size= =3D2><br> <br> </font></tt> <br> --=_alternative 0051F9F9C12580B2_=--
Tested and working nice on my setup (Ovirt 4.0.5). Thanks! AG -----Original Message----- From: users-bounces@ovirt.org [mailto:users-bounces@ovirt.org] On Behalf Of Juan Hernández Sent: Tuesday, January 24, 2017 3:41 PM To: emanuel.santosvarina@mahle.com; users@ovirt.org Subject: Re: [ovirt-users] get UI working throug ALIAS and real hostname On 01/24/2017 03:15 PM, emanuel.santosvarina@mahle.com wrote:
If I access the UI via "ALIAS" I get the Error-Page "The client is not authorized to request an authorization. It's required to access the system using FQDN.
What can I do to get UI working through ALIAS and real hostname?
Thx, Emanuel
Create a 99-whatever-you-like.conf file in /etc/ovirt-engine/engine.conf.d with the following content: SSO_ALTERNATE_ENGINE_FQDNS="thealias" Then restart the engine: systemctl restart ovirt-engine This setting is documented here: https://github.com/oVirt/ovirt-engine/blob/master/packaging/services/ovirt-e... _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
participants (4)
-
Andrea Ghelardi -
Doug Ingham -
emanuel.santosvarina@mahle.com -
Juan Hernández