Hi all I'm trying to run ovirt-dr generate but its failing: /usr/share/ansible/collections/ansible_collections/redhat/rhv/roles/disaster_recovery/files/ovirt-dr generate Log file: '/tmp/ovirt-dr-1649673243333.log' [Generate Mapping File] Connection to setup has failed. Please check your credentials: URL: https://server.fqdn/ovirt-engine/api user: admin@internal CA file: ./ca.pem [Generate Mapping File] Failed to generate var file. When I examine the log file: 2022-04-11 18:34:03,332 INFO Start generate variable mapping file for oVirt ansible disaster recovery 2022-04-11 18:34:03,333 INFO Site address: https://server.fqdn/ovirt-engine/api username: admin@internal password: ******* ca file location: ./ca.pem output file location: ./disaster_recovery_vars.yml ansible play location: ./dr_play.yml 2022-04-11 18:34:03,343 ERROR Connection to setup has failed. Please check your credentials: URL: https://server.fqdn/ovirt-engine/api user: admin@internal CA file: ./ca.pem 2022-04-11 18:34:03,343 ERROR Error: Error while sending HTTP request: (60, 'SSL certificate problem: unable to get local issuer certificate') 2022-04-11 18:34:03,343 ERROR Failed to generate var file. My suspicion is that the script doesn't like third party certs. Has anyone got this working with third party certs? If so, what did you need to do? Thanks
+Pavel Bar On Mon, Apr 11, 2022 at 1:40 PM Colin Coe <colin.coe@gmail.com> wrote:
Hi all
I'm trying to run ovirt-dr generate but its failing: /usr/share/ansible/collections/ansible_collections/redhat/rhv/roles/disaster_recovery/files/ovirt-dr generate Log file: '/tmp/ovirt-dr-1649673243333.log' [Generate Mapping File] Connection to setup has failed. Please check your credentials: URL: https://server.fqdn/ovirt-engine/api user: admin@internal CA file: ./ca.pem [Generate Mapping File] Failed to generate var file.
When I examine the log file: 2022-04-11 18:34:03,332 INFO Start generate variable mapping file for oVirt ansible disaster recovery 2022-04-11 18:34:03,333 INFO Site address: https://server.fqdn/ovirt-engine/api username: admin@internal password: ******* ca file location: ./ca.pem output file location: ./disaster_recovery_vars.yml ansible play location: ./dr_play.yml 2022-04-11 18:34:03,343 ERROR Connection to setup has failed. Please check your credentials: URL: https://server.fqdn/ovirt-engine/api user: admin@internal CA file: ./ca.pem 2022-04-11 18:34:03,343 ERROR Error: Error while sending HTTP request: (60, 'SSL certificate problem: unable to get local issuer certificate') 2022-04-11 18:34:03,343 ERROR Failed to generate var file.
My suspicion is that the script doesn't like third party certs.
Has anyone got this working with third party certs? If so, what did you need to do?
Thanks _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/X6WCCPOBXKIC6C...
Adding Martin Perina & Martin Necas. Hi @Martin Perina <mperina@redhat.com> & @Martin Necas <mnecas@redhat.com> :) Do you know whether 3rd party certificates should work? And/or what can be the issue with the certificates? Thank you in advance! Pavel On Tue, 12 Apr 2022 at 10:20, Benny Zlotnik <bzlotnik@redhat.com> wrote:
+Pavel Bar
On Mon, Apr 11, 2022 at 1:40 PM Colin Coe <colin.coe@gmail.com> wrote:
Hi all
I'm trying to run ovirt-dr generate but its failing:
/usr/share/ansible/collections/ansible_collections/redhat/rhv/roles/disaster_recovery/files/ovirt-dr generate
Log file: '/tmp/ovirt-dr-1649673243333.log' [Generate Mapping File] Connection to setup has failed. Please check your credentials: URL: https://server.fqdn/ovirt-engine/api user: admin@internal CA file: ./ca.pem [Generate Mapping File] Failed to generate var file.
When I examine the log file: 2022-04-11 18:34:03,332 INFO Start generate variable mapping file for oVirt ansible disaster recovery 2022-04-11 18:34:03,333 INFO Site address: https://server.fqdn/ovirt-engine/api username: admin@internal password: ******* ca file location: ./ca.pem output file location: ./disaster_recovery_vars.yml ansible play location: ./dr_play.yml 2022-04-11 18:34:03,343 ERROR Connection to setup has failed. Please check your credentials: URL: https://server.fqdn/ovirt-engine/api user: admin@internal CA file: ./ca.pem 2022-04-11 18:34:03,343 ERROR Error: Error while sending HTTP request: (60, 'SSL certificate problem: unable to get local issuer certificate') 2022-04-11 18:34:03,343 ERROR Failed to generate var file.
My suspicion is that the script doesn't like third party certs.
Has anyone got this working with third party certs? If so, what did you need to do?
Thanks _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/X6WCCPOBXKIC6C...
Thanks all but I ended up figuring it out. I needed to use a "chain" file which included the root and intermediate certs. Sorry to have wasted your time. On Tue, 12 Apr 2022 at 18:07, Pavel Bar <pbar@redhat.com> wrote:
Adding Martin Perina & Martin Necas. Hi @Martin Perina <mperina@redhat.com> & @Martin Necas <mnecas@redhat.com> :) Do you know whether 3rd party certificates should work? And/or what can be the issue with the certificates?
Thank you in advance!
Pavel
On Tue, 12 Apr 2022 at 10:20, Benny Zlotnik <bzlotnik@redhat.com> wrote:
+Pavel Bar
On Mon, Apr 11, 2022 at 1:40 PM Colin Coe <colin.coe@gmail.com> wrote:
Hi all
I'm trying to run ovirt-dr generate but its failing:
/usr/share/ansible/collections/ansible_collections/redhat/rhv/roles/disaster_recovery/files/ovirt-dr generate
Log file: '/tmp/ovirt-dr-1649673243333.log' [Generate Mapping File] Connection to setup has failed. Please check your credentials: URL: https://server.fqdn/ovirt-engine/api user: admin@internal CA file: ./ca.pem [Generate Mapping File] Failed to generate var file.
When I examine the log file: 2022-04-11 18:34:03,332 INFO Start generate variable mapping file for oVirt ansible disaster recovery 2022-04-11 18:34:03,333 INFO Site address: https://server.fqdn/ovirt-engine/api username: admin@internal password: ******* ca file location: ./ca.pem output file location: ./disaster_recovery_vars.yml ansible play location: ./dr_play.yml 2022-04-11 18:34:03,343 ERROR Connection to setup has failed. Please check your credentials: URL: https://server.fqdn/ovirt-engine/api user: admin@internal CA file: ./ca.pem 2022-04-11 18:34:03,343 ERROR Error: Error while sending HTTP request: (60, 'SSL certificate problem: unable to get local issuer certificate') 2022-04-11 18:34:03,343 ERROR Failed to generate var file.
My suspicion is that the script doesn't like third party certs.
Has anyone got this working with third party certs? If so, what did you need to do?
Thanks _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/X6WCCPOBXKIC6C...
On Mon, Apr 11, 2022 at 1:39 PM Colin Coe <colin.coe@gmail.com> wrote:
Hi all
I'm trying to run ovirt-dr generate but its failing: /usr/share/ansible/collections/ansible_collections/redhat/rhv/roles/disaster_recovery/files/ovirt-dr generate Log file: '/tmp/ovirt-dr-1649673243333.log' [Generate Mapping File] Connection to setup has failed. Please check your credentials: URL: https://server.fqdn/ovirt-engine/api user: admin@internal CA file: ./ca.pem
ca.pem is likely engine self signed certificate...
[Generate Mapping File] Failed to generate var file.
When I examine the log file: 2022-04-11 18:34:03,332 INFO Start generate variable mapping file for oVirt ansible disaster recovery 2022-04-11 18:34:03,333 INFO Site address: https://server.fqdn/ovirt-engine/api username: admin@internal password: ******* ca file location: ./ca.pem output file location: ./disaster_recovery_vars.yml ansible play location: ./dr_play.yml 2022-04-11 18:34:03,343 ERROR Connection to setup has failed. Please check your credentials: URL: https://server.fqdn/ovirt-engine/api user: admin@internal CA file: ./ca.pem 2022-04-11 18:34:03,343 ERROR Error: Error while sending HTTP request: (60, 'SSL certificate problem: unable to get local issuer certificate') 2022-04-11 18:34:03,343 ERROR Failed to generate var file.
My suspicion is that the script doesn't like third party certs.
Has anyone got this working with third party certs? If so, what did you need to do?
But you are using a 3rd party certificate, so you need to use the right certificate. Depending on the code, an empty ca_file can work, or you need to point it to the actual ca file installed in the system. I think Didi can help with this. Nir
participants (4)
-
Benny Zlotnik -
Colin Coe -
Nir Soffer -
Pavel Bar