10:33 a.m.
Hello,
in a home lab with only one puplic IPv4-Adress is the Port 443 a very precious one.
The installation of oVirt 4.3 on a single node/host with bare metal installed CentOS works
well. (oVirt Cockpit and local installed engine added after installation of Centos 7.6).
But it is more difficult to change the port from 443 to maybe 4443 the save the port 443.
The change in:
- /etc/httpd/conf/conf.d/ssl.conf
- /var/lib/ovirt-engine/jboss_runtime/config/ovirt-engine.xml
and
- disable selinux
- add 4443 to public with firewall-cmd
It does not work... now I see is more difficult than I think before...
A port redirection at the edge route from <public-IPv4>:4443 to
<private-IPv4>:443 does also not work, because the links points all to the standard
https adress without a port number.
Is there a way to change the default port 443 of oVirt engine to a other port?
Many Thanks in advance!
3:58 a.m.
New subject: oVirt engine/engine-setup with other port than default HTTPS 443 possible?
On Wed, Jun 12, 2019 at 10:38 PM Dirk Rydvan <rydvan(a)gmx.de> wrote:
Hello,
in a home lab with only one puplic IPv4-Adress is the Port 443 a very precious one.
The installation of oVirt 4.3 on a single node/host with bare metal installed CentOS
works well. (oVirt Cockpit and local installed engine added after installation of Centos
7.6).
But it is more difficult to change the port from 443 to maybe 4443 the save the port
443.
The change in:
- /etc/httpd/conf/conf.d/ssl.conf
- /var/lib/ovirt-engine/jboss_runtime/config/ovirt-engine.xml
and
- disable selinux
- add 4443 to public with firewall-cmd
It does not work... now I see is more difficult than I think before...
A port redirection at the edge route from <public-IPv4>:4443 to
<private-IPv4>:443 does also not work, because the links points all to the standard
https adress without a port number.
Is there a way to change the default port 443 of oVirt engine to a other port?
I do not think this was ever tested, but you can try doing that by
running engine-setup with an answer file that includes e.g.:
OVESETUP_CONFIG/httpPort=int:2080
OVESETUP_CONFIG/httpsPort=int:2443
It should configure everything correctly, more-or-less.
I guess most people in your position use some proxy, though, or ssh
tunneling, etc.
Good luck and best regards,
--
Didi
3:27 p.m.
New subject: oVirt engine/engine-setup with other port than default HTTPS 443 possible?
The idea ist quite good - a modified answer file with the suggested values seems to work
at beginning:
<log>
INFO ] Restarting httpd
Please use the user 'admin@internal' and password specified in order to
login
Web access is enabled at:
http://hypervisor.local:2080/ovirt-engine
https://hypervisor.local:2443/ovirt-engine
Internal CA B1:02:C1:A4:7A:70:18:22:F5:4C:55:B3:F6:B3:6A:3D:BF:EF4
SSH fingerprint: SHA256:mj941Nk0yz2lrt0laognOHgTK18nP+zO6b4fPfXa3wM
--== END OF SUMMARY ==--
</log>
OK - I add 2443 manualy to firewall:
<log>
firewall-cmd --permanent --add-port=2443/tcp --zone=public
firewall-cmd --reload
</log>
OK - httpd conf is still 443 instead of 2443, I change it manualy:
<log>
vi /etc/httpd/conf.d/ssl.conf
</log>
I see, that dissabling selinux is necessary - I do so:
<log>
vi /etc/sysconfig/selinux
reboot
</log>
it still not work - in the Browser:
<log>
Errorcode: SSL_ERROR_RX_RECORD_TOO_LONG
</log>
....and no idea anymore....
1991
days inactive
1992
days old
2 comments
2 participants
participants (2)
-
Dirk Rydvan -
Yedidyah Bar David