[Users] migration & missing cert - 3.2 alpha

Alon Bar-Lev alonbl at redhat.com
Sat Dec 15 22:47:02 UTC 2012



----- Original Message -----
> From: "Jeff Bailey" <bailey at cs.kent.edu>
> To: "Alon Bar-Lev" <alonbl at redhat.com>
> Cc: users at ovirt.org
> Sent: Sunday, December 16, 2012 12:39:48 AM
> Subject: Re: [Users] migration & missing cert - 3.2 alpha
> 
> 
> On 12/15/2012 1:49 PM, Alon Bar-Lev wrote:
> >
> > ----- Original Message -----
> >> From: "Jeff Bailey" <bailey at cs.kent.edu>
> >> To: users at ovirt.org
> >> Sent: Saturday, December 15, 2012 6:28:20 PM
> >> Subject: [Users] migration & missing cert - 3.2 alpha
> >>
> >> Hi,
> >>
> >> I have an F18 Beta + oVirt 3.2 alpha setup with two hosts.  When I
> >> try
> >> to migrate from one host to the other I get
> >>
> >> 2012-12-15 15:18:51.381+0000: 1541: error :
> >> virNetTLSContextCheckCertFile:113 :
> >> Cannot read CA certificate '/etc/pki/CA/cacert.pem': No such file
> >> or
> >> directory
> >>
> >> in libvirtd.log on the source host.  Is that actually where the
> >> cert
> >> should be and I should try to track down why it's not there or
> >> should
> >> it
> >> be somewhere else?  If it should be somewhere else where would
> >> that
> >> be
> >> configured?  The default location for the client certificates
> >> seems
> >> to
> >> be /etc/pki/libvirt which doesn't exist so even with a cacert it
> >> still
> >> probably wouldn't work.  Could this be related to the missing
> >> spice
> >> certificates (I manually made the symbolic links for those).
> >>
> >> Thanks,
> >>     Jeff
> > This is interesting...
> >
> > What do you have in both machines at /etc/libvirt/libvirtd.conf in
> > ca_file, cert_file, key_file?
> 
> In /etc/libvirt/libvirtd.conf on both hosts:
> 
> ca_file="/etc/pki/vdsm/certs/cacert.pem"
> cert_file="/etc/pki/vdsm/certs/vdsmcert.pem"
> key_file="/etc/pki/vdsm/keys/vdsmkey.pem"
> 
> It looks like it pulled libvirt-0.10.2.2-1.fc18.x86_64 from the F18
> updates-testing repository.  Maybe that's the problem.  I'll try to
> install a clean F18 beta with the updates-testing repo disabled.

OK... although it seems like libvirtd somehow ignores its own settings :)

> > As as far as I seen these variables set to /etc/pki/vdsm/*, I did
> > not duplicate these files to libvirtd.
> >
> > I would like to understand why the default libvirt setting are in
> > effect.
> >
> > Regards,
> > Alon
> 
> 



More information about the Users mailing list