Good evening all, I was able to work past this by restarting the dying machine briefly, backing up the keycloak database with pg_dump, and migrating it to the new system. setup-engine seems to work ok, but it is not generating the certs for the keycloak, now. When I attempt to log in to the web console, I got this message: Warning alert:PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target engine.log records: 2023-08-08 17:56:44,507-05 INFO
[org.ovirt.engine.core.sso.service.NegotiateAuthService] (default task-2) [] User admin@ovirt@internalkeycloak-authz with profile [internalsso] successfully logged in with scopes : ovirt-app-admin ovirt-app-api ovirt-app-portal ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access 2023-08-08 17:56:44,623-05 ERROR [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default task-2) [] server_error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 2023-08-08 17:56:50,216-05 INFO [org.ovirt.engine.core.bll.utils.ThreadPoolMonitoringService] (EE-ManagedScheduledExecutorService-engineThreadMonitoringThreadPool-Thread-1) [] Thread pool 'default' is using 0 threads out of 1, 5 threads waiting for tasks.
After adding engine.cer to the java keystore and restarting the engine all returned to normal. Thank you! *David Johnson* On Tue, Aug 8, 2023 at 3:30 PM David Johnson <djohnson@maxistechnology.com> wrote:
Update:
I have confirmed the original ovirt version has an ovirt_engine_keycloak database, but the database was not backed up by the engine-backup command
*David Johnson* *Director of Development, Maxis Technology* 844.696.2947 ext 702 (o) | 479.531.3590 (c) <https://www.linkedin.com/in/pojoguy/> <https://maxistechnology.com/wp-content/uploads/vcards/vcard-David_Johnson.vcf> <https://maxistechnology.com/>
*Follow us:* <https://www.linkedin.com/company/maxis-tech-inc/>