Certificate Enrollment Failed
<p class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal>engine.log :<o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>2014-11-03 = 11:22:38,485 INFO = [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] = (VdsDeploy) Correlation ID: 2f0410ee, Call Stack: null, Custom Event ID: = -1$<o:p></o:p></p><p class=3DMsoNormal>2014-11-03 11:22:39,496 ERROR = [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) = Sign Certificate request failed with exit code 1<o:p></o:p></p><p = class=3DMsoNormal>2014-11-03 11:22:39,497 ERROR = [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) = Sign Certificate request script errors:<o:p></o:p></p><p = class=3DMsoNormal>Using configuration from openssl.conf<o:p></o:p></p><p = class=3DMsoNormal>unable to load number from serial.txt<o:p></o:p></p><p = class=3DMsoNormal>error while loading serial number<o:p></o:p></p><p = class=3DMsoNormal>139842728826696:error:0D066096:asn1 encoding = routines:a2i_ASN1_INTEGER:short line:f_int.c:215:<o:p></o:p></p><p = class=3DMsoNormal>Cannot sign certificate<o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>2014-11-03 = 11:22:39,499 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (VdsDeploy) = Error during deploy dialog: java.lang.RuntimeException: Certificate = enrollment failed<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateR= equest(OpenSslCAWrapper.java:56) [utils.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) = [bll.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) = [bll.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) = [bll.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]<o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>2014-11-03 = 11:22:39,510 ERROR [org.ovirt.engine.core.bll.VdsDeploy] = (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host = 10.10.10.2 install: java.lang.RuntimeExc$<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateR= equest(OpenSslCAWrapper.java:56) [utils.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) = [bll.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) = [bll.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) = [bll.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]<o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>2014-11-03 = 11:22:39,516 ERROR [org.ovirt.engine.core.bll.InstallerMessages] = (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Installation 10.10.10.2: = Certificate enrollment fa$<o:p></o:p></p><p class=3DMsoNormal>2014-11-03 = 11:22:39,546 ERROR = [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] = (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Correlation ID: 2f0410ee, = Cal$<o:p></o:p></p><p class=3DMsoNormal>2014-11-03 11:22:39,548 ERROR = [org.ovirt.engine.core.bll.VdsDeploy] (org.ovirt.thread.pool-8-thread-2) = [2f0410ee] Error during host 10.10.10.2 install, prefering first = exce$<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateR= equest(OpenSslCAWrapper.java:56) [utils.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) = [bll.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) = [bll.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) = [bll.jar:]<o:p></o:p></p><p = class=3DMsoNormal> at = java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]<o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>I’ve = been struggling with this problem for about a week now, and I have tried = changing HostIDs and re-installing ovirt-hosted-engine-setup but it = still appears. The only thing I couldn’t try is to re-install the = machine. The problem with that is I have my gluster bricks running on =
This is a multipart message in MIME format. ------=_NextPart_000_09DE_01CFF75D.1124B030 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hello Everyone! I am trying to re-install a host in an ovirt hosted-engine environment but the second host keeps on failing with the Certificate Enrollment failed error. I have deleted the Host from the Engine but it always fails at the certificate enrollment. The following problem is similar to mine but I have checked my file permissions and they are all as they should: http://lists.ovirt.org/pipermail/users/2014-May/024738.html engine.log : 2014-11-03 11:22:38,485 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (VdsDeploy) Correlation ID: 2f0410ee, Call Stack: null, Custom Event ID: -1$ 2014-11-03 11:22:39,496 ERROR [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) Sign Certificate request failed with exit code 1 2014-11-03 11:22:39,497 ERROR [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) Sign Certificate request script errors: Using configuration from openssl.conf unable to load number from serial.txt error while loading serial number 139842728826696:error:0D066096:asn1 encoding routines:a2i_ASN1_INTEGER:short line:f_int.c:215: Cannot sign certificate 2014-11-03 11:22:39,499 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (VdsDeploy) Error during deploy dialog: java.lang.RuntimeException: Certificate enrollment failed at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateRequ est(OpenSslCAWrapper.java:56) [utils.jar:] at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:] at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:] at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:] at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71] 2014-11-03 11:22:39,510 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host 10.10.10.2 install: java.lang.RuntimeExc$ at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateRequ est(OpenSslCAWrapper.java:56) [utils.jar:] at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:] at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:] at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:] at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71] 2014-11-03 11:22:39,516 ERROR [org.ovirt.engine.core.bll.InstallerMessages] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Installation 10.10.10.2: Certificate enrollment fa$ 2014-11-03 11:22:39,546 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Correlation ID: 2f0410ee, Cal$ 2014-11-03 11:22:39,548 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host 10.10.10.2 install, prefering first exce$ at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateRequ est(OpenSslCAWrapper.java:56) [utils.jar:] at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:] at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:] at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:] at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71] I've been struggling with this problem for about a week now, and I have tried changing HostIDs and re-installing ovirt-hosted-engine-setup but it still appears. The only thing I couldn't try is to re-install the machine. The problem with that is I have my gluster bricks running on the same therefore it is the last option I want to consider. Hopefully somebody will be able to assist me with this. Thanks in advance. Dinu. ------=_NextPart_000_09DE_01CFF75D.1124B030 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" = xmlns:o=3D"urn:schemas-microsoft-com:office:office" = xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" = xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta = http-equiv=3DContent-Type content=3D"text/html; = charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 14 = (filtered medium)"><style><!-- /* Font Definitions */ @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Tahoma; panose-1:2 11 6 4 3 5 4 4 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri","sans-serif";} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple; text-decoration:underline;} p.MsoAcetate, li.MsoAcetate, div.MsoAcetate {mso-style-priority:99; mso-style-link:"Balloon Text Char"; margin:0in; margin-bottom:.0001pt; font-size:8.0pt; font-family:"Tahoma","sans-serif";} span.EmailStyle17 {mso-style-type:personal-compose; font-family:"Calibri","sans-serif"; color:windowtext;} span.BalloonTextChar {mso-style-name:"Balloon Text Char"; mso-style-priority:99; mso-style-link:"Balloon Text"; font-family:"Tahoma","sans-serif";} .MsoChpDefault {mso-style-type:export-only; font-family:"Calibri","sans-serif";} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} --></style><!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" /> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" /> </o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue = vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal>Hello = Everyone!<o:p></o:p></p><p class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal>I am trying to re-install a host in an ovirt = hosted-engine environment but the second host keeps on failing with the = Certificate Enrollment failed error. <o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>I have = deleted the Host from the Engine but it always fails at the certificate = enrollment. <o:p></o:p></p><p class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal>The following problem is similar to mine but I have = checked my file permissions and they are all as they = should:<o:p></o:p></p><p class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal><a = href=3D"http://lists.ovirt.org/pipermail/users/2014-May/024738.html">http= ://lists.ovirt.org/pipermail/users/2014-May/024738.html</a><o:p></o:p></p= the same therefore it is the last option I want to = consider.<o:p></o:p></p><p class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal>Hopefully somebody will be able to assist me with = this.<o:p></o:p></p><p class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal>Thanks in advance.<o:p></o:p></p><p = class=3DMsoNormal><br>Dinu.<o:p></o:p></p></div></body></html> ------=_NextPart_000_09DE_01CFF75D.1124B030--
it means that /etc/pki/ovirt-engine/serial.txt is either empty or missing, should not happen if ca is set up. ----- Original Message -----
From: "Dinuwan" <dinuwan@seychelles.sc> To: users@ovirt.org Sent: Monday, November 3, 2014 9:55:30 AM Subject: [ovirt-users] Certificate Enrollment Failed
Hello Everyone!
I am trying to re-install a host in an ovirt hosted-engine environment but the second host keeps on failing with the Certificate Enrollment failed error.
I have deleted the Host from the Engine but it always fails at the certificate enrollment.
The following problem is similar to mine but I have checked my file permissions and they are all as they should:
http://lists.ovirt.org/pipermail/users/2014-May/024738.html
engine.log :
2014-11-03 11:22:38,485 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (VdsDeploy) Correlation ID: 2f0410ee, Call Stack: null, Custom Event ID: -1$
2014-11-03 11:22:39,496 ERROR [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) Sign Certificate request failed with exit code 1
2014-11-03 11:22:39,497 ERROR [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) Sign Certificate request script errors:
Using configuration from openssl.conf
unable to load number from serial.txt
error while loading serial number
139842728826696:error:0D066096:asn1 encoding routines:a2i_ASN1_INTEGER:short line:f_int.c:215:
Cannot sign certificate
2014-11-03 11:22:39,499 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (VdsDeploy) Error during deploy dialog: java.lang.RuntimeException: Certificate enrollment failed
at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateRequest(OpenSslCAWrapper.java:56) [utils.jar:]
at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]
2014-11-03 11:22:39,510 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host 10.10.10.2 install: java.lang.RuntimeExc$
at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateRequest(OpenSslCAWrapper.java:56) [utils.jar:]
at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]
2014-11-03 11:22:39,516 ERROR [org.ovirt.engine.core.bll.InstallerMessages] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Installation 10.10.10.2: Certificate enrollment fa$
2014-11-03 11:22:39,546 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Correlation ID: 2f0410ee, Cal$
2014-11-03 11:22:39,548 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host 10.10.10.2 install, prefering first exce$
at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateRequest(OpenSslCAWrapper.java:56) [utils.jar:]
at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]
I’ve been struggling with this problem for about a week now, and I have tried changing HostIDs and re-installing ovirt-hosted-engine-setup but it still appears. The only thing I couldn’t try is to re-install the machine. The problem with that is I have my gluster bricks running on the same therefore it is the last option I want to consider.
Hopefully somebody will be able to assist me with this.
Thanks in advance.
Dinu.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Hi Alon, Thank you for your reply. I just checked the serial.txt file and indeed it is empty. How do you think I should proceed with it? Regards, Dinu. -----Original Message----- From: Alon Bar-Lev [mailto:alonbl@redhat.com] Sent: Monday, November 03, 2014 12:06 PM To: Dinuwan Cc: users@ovirt.org Subject: Re: [ovirt-users] Certificate Enrollment Failed it means that /etc/pki/ovirt-engine/serial.txt is either empty or missing, should not happen if ca is set up. ----- Original Message -----
From: "Dinuwan" <dinuwan@seychelles.sc> To: users@ovirt.org Sent: Monday, November 3, 2014 9:55:30 AM Subject: [ovirt-users] Certificate Enrollment Failed
Hello Everyone!
I am trying to re-install a host in an ovirt hosted-engine environment but the second host keeps on failing with the Certificate Enrollment failed error.
I have deleted the Host from the Engine but it always fails at the certificate enrollment.
The following problem is similar to mine but I have checked my file permissions and they are all as they should:
http://lists.ovirt.org/pipermail/users/2014-May/024738.html
engine.log :
2014-11-03 11:22:38,485 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (VdsDeploy) Correlation ID: 2f0410ee, Call Stack: null, Custom Event ID: -1$
2014-11-03 11:22:39,496 ERROR [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) Sign Certificate request failed with exit code 1
2014-11-03 11:22:39,497 ERROR [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) Sign Certificate request script errors:
Using configuration from openssl.conf
unable to load number from serial.txt
error while loading serial number
139842728826696:error:0D066096:asn1 encoding routines:a2i_ASN1_INTEGER:short line:f_int.c:215:
Cannot sign certificate
2014-11-03 11:22:39,499 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (VdsDeploy) Error during deploy dialog: java.lang.RuntimeException: Certificate enrollment failed
at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertifica teRequest(OpenSslCAWrapper.java:56) [utils.jar:]
at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]
2014-11-03 11:22:39,510 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host 10.10.10.2 install: java.lang.RuntimeExc$
at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertifica teRequest(OpenSslCAWrapper.java:56) [utils.jar:]
at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]
2014-11-03 11:22:39,516 ERROR [org.ovirt.engine.core.bll.InstallerMessages] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Installation 10.10.10.2: Certificate enrollment fa$
2014-11-03 11:22:39,546 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Correlation ID: 2f0410ee, Cal$
2014-11-03 11:22:39,548 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host 10.10.10.2 install, prefering first exce$
at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertifica teRequest(OpenSslCAWrapper.java:56) [utils.jar:]
at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]
I’ve been struggling with this problem for about a week now, and I have tried changing HostIDs and re-installing ovirt-hosted-engine-setup but it still appears. The only thing I couldn’t try is to re-install the machine. The problem with that is I have my gluster bricks running on the same therefore it is the last option I want to consider.
Hopefully somebody will be able to assist me with this.
Thanks in advance.
Dinu.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
----- Original Message -----
From: "Dinuwan" <dinuwan@seychelles.sc> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: users@ovirt.org Sent: Monday, November 3, 2014 11:05:39 AM Subject: Re: [ovirt-users] Certificate Enrollment Failed
Hi Alon,
Thank you for your reply.
I just checked the serial.txt file and indeed it is empty. How do you think I should proceed with it?
If that's your only problem, you can simply write there a number larger than the largest one issued so far, as can be seen by 'ls -l /etc/pki/ovirt-engine/certs'. E.g. if the largest there is '1007.pem', you can 'echo 1008 > /etc/pki/ovirt-engine/serial.txt'. However, this file should not be empty normally at this point. You might better check what caused it to be empty and what other damage this caused. E.g. check your logs etc for the timestamp(s) of this file. -- Didi
Hi Everyone, I managed to resolve the error with Alon's tip. There was actually a serial.txt.old file created (no idea how). What I did was put the same value in the old file in the new one and re-installed the host and it was successful! Thanks! -----Original Message----- From: Alon Bar-Lev [mailto:alonbl@redhat.com] Sent: Monday, November 03, 2014 12:06 PM To: Dinuwan Cc: users@ovirt.org Subject: Re: [ovirt-users] Certificate Enrollment Failed it means that /etc/pki/ovirt-engine/serial.txt is either empty or missing, should not happen if ca is set up. ----- Original Message -----
From: "Dinuwan" <dinuwan@seychelles.sc> To: users@ovirt.org Sent: Monday, November 3, 2014 9:55:30 AM Subject: [ovirt-users] Certificate Enrollment Failed
Hello Everyone!
I am trying to re-install a host in an ovirt hosted-engine environment but the second host keeps on failing with the Certificate Enrollment failed error.
I have deleted the Host from the Engine but it always fails at the certificate enrollment.
The following problem is similar to mine but I have checked my file permissions and they are all as they should:
http://lists.ovirt.org/pipermail/users/2014-May/024738.html
engine.log :
2014-11-03 11:22:38,485 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (VdsDeploy) Correlation ID: 2f0410ee, Call Stack: null, Custom Event ID: -1$
2014-11-03 11:22:39,496 ERROR [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) Sign Certificate request failed with exit code 1
2014-11-03 11:22:39,497 ERROR [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) Sign Certificate request script errors:
Using configuration from openssl.conf
unable to load number from serial.txt
error while loading serial number
139842728826696:error:0D066096:asn1 encoding routines:a2i_ASN1_INTEGER:short line:f_int.c:215:
Cannot sign certificate
2014-11-03 11:22:39,499 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (VdsDeploy) Error during deploy dialog: java.lang.RuntimeException: Certificate enrollment failed
at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertifica teRequest(OpenSslCAWrapper.java:56) [utils.jar:]
at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]
2014-11-03 11:22:39,510 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host 10.10.10.2 install: java.lang.RuntimeExc$
at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertifica teRequest(OpenSslCAWrapper.java:56) [utils.jar:]
at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]
2014-11-03 11:22:39,516 ERROR [org.ovirt.engine.core.bll.InstallerMessages] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Installation 10.10.10.2: Certificate enrollment fa$
2014-11-03 11:22:39,546 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Correlation ID: 2f0410ee, Cal$
2014-11-03 11:22:39,548 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host 10.10.10.2 install, prefering first exce$
at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertifica teRequest(OpenSslCAWrapper.java:56) [utils.jar:]
at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) [bll.jar:]
at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71]
I’ve been struggling with this problem for about a week now, and I have tried changing HostIDs and re-installing ovirt-hosted-engine-setup but it still appears. The only thing I couldn’t try is to re-install the machine. The problem with that is I have my gluster bricks running on the same therefore it is the last option I want to consider.
Hopefully somebody will be able to assist me with this.
Thanks in advance.
Dinu.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
participants (3)
-
Alon Bar-Lev -
Dinuwan -
Yedidyah Bar David