[Users] ssl error using ovirt-shell in 3.3.1

Gianluca Cecchi gianluca.cecchi at gmail.com
Tue Nov 26 17:29:03 UTC 2013

On Tue, Nov 26, 2013 at 4:06 PM, Michael Pasternak  wrote:
> On 11/26/2013 04:09 PM, Gianluca Cecchi wrote:
>> Hello,
>> based on RHEVM 3.2 and 3.3 beta docs I'm trying connection from ovirt cli.
>> I have:
>> engine on f19 + ovirt stable ovirt-engine-3.3.1-2.fc19.noarch
>> client from where I run cli is f19 with
>> ovirt-engine-sdk-python-
>> ovirt-engine-cli-

> this is client side certificate key, you should be using "ca_file" for the host CA.

Reading these documents:




It is not clear to me the correct combination/requirements on client
side to be able to connect

Suppose I keep empty (aka default values) the .ovirtshellrc file:

autoconnect = True
autopage = True
username =
timeout = None
extended_prompt = False
url =
insecure = False
filter = False
session_timeout = None
ca_file =
dont_validate_cert_chain = False
key_file = None
password =
cert_file =

And put all needed options into command line. The steps I understand I
have to do are

1) curl -o ca.crt http://f18engine/ca.crt
(that should be "server CA cert-file", correct?)

2) connect
But with
ovirt-shell -c -A ./ca.crt -l -u admin at internal

I get
error: _ssl.c:291: Both the key & certificate files must be specified

that I don't find any reference for in the docs...
Probably it is my fault with poor certificates/CA knowledge, but I
presume it should be simpler for a user that only wants to interface
to oVirt CLI have a correct sequence of steps

Also, from http://www.ovirt.org/CLI#Usage (referred in

ovirt-shell --help should give the help

but this seems not to be true:

 $ ovirt-shell --help


More information about the Users mailing list