12:11 p.m.
--Apple-Mail=_F7422B19-9C53-401B-B9C1-3EB9A88300B1
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=utf-8
Le 11 ao=C3=BBt 2016 =C3=A0 11:37, Fabrice Bacchella =
<fabrice.bacchella(a)icloud.com> a =C3=A9crit :
=20
=20
> Le 11 ao=C3=BBt 2016 =C3=A0 09:31, Martin Perina <mperina(a)redhat.com =
<mailto:mperina@redhat.com>> a =C3=A9crit :
>=20
> Hi Fabrice,
>=20
> so it seems to me that ovirt-engine-rename didn't work as expected, =
because you have changed ENGINE_FQDN in 10-setup-protocols.conf. We =
don't support user updates on automatically generated files in =
/etc/ovirt-engine/engine.conf.d/. Please next time you'd like to change =
something, change it in 99-custom-???.conf file.
=20
I roll back this change, as you said it was not enough and then the =
rename
command..
=20
>=20
> Now how to get things working: I'm afraid it would be long and =
painful
process, but let's try:
>=20
> 1. Change manually ENGINE_FQDN to the new value you have used as new =
FQDN in
ovirt-engine-rename in those files:
>=20
> /etc/ovirt-engine/engine.conf.d/10-setup-protocols.conf
> /etc/ovirt-engine/imageuploader.conf.d/10-engine-setup.conf
> /etc/ovirt-engine/isouploader.conf.d/10-engine-setup.conf
> /etc/ovirt-engine/logcollector.conf.d/10-engine-setup.conf
>=20
> 2. Now, let's check your custom certificates, I know you are using =
your
custom CA, does the trustore you have set into =
ENGINE_HTTPS_PKI_TRUST_STORE contains all certificates which are needed =
to verify HTTPS certificates you have set in Apache for new FQDN? If so, =
then please restart your engine and try
>=20
> Thanks
>=20
> Martin Perina
=20
I'm not sur the PKI part is the biggest problem. I managed to get it =
work
after a rename and using a custom truststore with all the needed =
CA.
=20
My main problem is with this strange=20
User login failure: java.lang.RuntimeException: server_error: =
org.codehaus.jackson.JsonParseException: Unexpected character ('<' (code
=
60)): expected a valid value (number, String, array, object, 'true', =
'false' or 'null')
=20
that no one seems to understand where it came from. Ravi suggest to do =
not use
custom certificate, but I think it's impossible to test this =
now, because of the incomplete operation of the rename command. So I =
will but back my trust store and we should focus on this message.
=20
By the way, I'm on irc on the channel with the nick FabriceB.
Ok we finally nailed that problem with the help of Ravi Nori. Because of =
the new SSO settings, ovirt-engine made a called to itself, from within =
the same process. But it needed to go through apache to authentify =
itself by itself and was intercepted by my SSO setup. I will need to =
rewrite it and split URL.
--Apple-Mail=_F7422B19-9C53-401B-B9C1-3EB9A88300B1
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=utf-8
<html><head><meta http-equiv=3D"Content-Type"
content=3D"text/html =
charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" =
class=3D""><br class=3D""><div><blockquote
type=3D"cite" class=3D""><div =
class=3D"">Le 11 ao=C3=BBt 2016 =C3=A0 11:37, Fabrice Bacchella <<a
=
href=3D"mailto:fabrice.bacchella@icloud.com" =
class=3D"">fabrice.bacchella(a)icloud.com</a>&gt; a =C3=A9crit
:</div><br =
class=3D"Apple-interchange-newline"><div class=3D""><meta
=
http-equiv=3D"Content-Type" content=3D"text/html charset=3Dutf-8" =
class=3D""><div style=3D"word-wrap: break-word; -webkit-nbsp-mode: =
space; -webkit-line-break: after-white-space;" class=3D""><br =
class=3D""><div class=3D""><blockquote
type=3D"cite" class=3D""><div =
class=3D"">Le 11 ao=C3=BBt 2016 =C3=A0 09:31, Martin Perina <<a =
href=3D"mailto:mperina@redhat.com"
class=3D"">mperina(a)redhat.com</a>&gt; =
a =C3=A9crit :</div><br class=3D"Apple-interchange-newline"><div
=
class=3D""><div dir=3D"ltr" class=3D""><div
class=3D"gmail_default" =
style=3D"font-family:arial,helvetica,sans-serif">Hi Fabrice,<br =
class=3D""><br class=3D""></div><div
class=3D"gmail_default" =
style=3D"font-family:arial,helvetica,sans-serif">so it seems to me that =
ovirt-engine-rename didn't work as expected, because you have changed =
ENGINE_FQDN in 10-setup-protocols.conf. We don't support user updates on =
automatically generated files in /etc/ovirt-engine/engine.conf.d/. =
Please next time you'd like to change something, change it in =
99-custom-???.conf file.<br
class=3D""></div></div></div></blockquote><div=
class=3D""><br class=3D""></div>I roll back this
change, as you said it =
was not enough and then the rename command..</div><div
class=3D""><br =
class=3D""><blockquote type=3D"cite"
class=3D""><div class=3D""><div =
dir=3D"ltr" class=3D""><div class=3D"gmail_default" =
style=3D"font-family:arial,helvetica,sans-serif"><br
class=3D""></div><div=
class=3D"gmail_default" =
style=3D"font-family:arial,helvetica,sans-serif">Now how to get things =
working: I'm afraid it would be long and painful process, but let's =
try:<br class=3D""><br class=3D""></div><div
class=3D"gmail_default" =
style=3D"font-family:arial,helvetica,sans-serif">1. Change manually =
ENGINE_FQDN to the new value you have used as new FQDN in =
ovirt-engine-rename in those files:<br class=3D""><br =
class=3D"">
/etc/ovirt-engine/engine.conf.<wbr =
class=3D"">d/10-setup-protocols.conf<br class=3D"">
=
/etc/ovirt-engine/<wbr class=3D"">imageuploader.conf.d/10-<wbr =
class=3D"">engine-setup.conf<br class=3D"">
/etc/ovirt-engine/isouploader.<wbr =
class=3D"">conf.d/10-engine-setup.conf<br class=3D"">
/etc/ovirt-engine/<wbr =
class=3D"">logcollector.conf.d/10-engine-<wbr
class=3D"">setup.conf<br =
class=3D""><br class=3D""></div><div
class=3D"gmail_default" =
style=3D"font-family:arial,helvetica,sans-serif">2. Now, let's check =
your custom certificates, I know you are using your custom CA, does the =
trustore you have set into ENGINE_HTTPS_PKI_TRUST_STORE contains all =
certificates which are needed to verify HTTPS certificates you have set =
in Apache for new FQDN? If so, then please restart your engine and =
try<br class=3D""><br class=3D""></div><div
class=3D"gmail_default" =
style=3D"font-family:arial,helvetica,sans-serif">Thanks<br
class=3D""><br =
class=3D""></div><div class=3D"gmail_default" =
style=3D"font-family:arial,helvetica,sans-serif">Martin Perina<br =
class=3D""></div></div></div></blockquote></div><br
class=3D""><div =
class=3D"">I'm not sur the PKI part is the biggest problem. I managed to
=
get it work after a rename and using a custom truststore with all the =
needed CA.</div><div class=3D""><br
class=3D""></div><div class=3D"">My =
main problem is with this strange </div><div
class=3D"">User login =
failure: java.lang.RuntimeException: server_error: =
org.codehaus.jackson.JsonParseException: Unexpected character ('<' =
(code 60)): expected a valid value (number, String, array, object, =
'true', 'false' or 'null')</div><div
class=3D""><br class=3D""></div><div =
class=3D"">that no one seems to understand where it came from. Ravi =
suggest to do not use custom certificate, but I think it's impossible to =
test this now, because of the incomplete operation of the rename =
command. So I will but back my trust store and we should focus on this =
message.</div><div class=3D""><br
class=3D""></div><div class=3D"">By =
the way, I'm on irc on the channel with the nick =
FabriceB.</div></div></div></blockquote><br
class=3D""></div><div>Ok we =
finally nailed that problem with the help of Ravi Nori. Because of the =
new SSO settings, ovirt-engine made a called to itself, from within the =
same process. But it needed to go through apache to authentify itself by =
itself and was intercepted by my SSO setup. I will need to rewrite it =
and split URL.</div><div><br
class=3D""></div><div><br =
class=3D""></div><br
class=3D""></body></html>=
--Apple-Mail=_F7422B19-9C53-401B-B9C1-3EB9A88300B1--
3024
days inactive
3024
days old
0 comments
1 participants
participants (1)
-
Fabrice Bacchella