[ovirt-users] Creating new users on oVirt 3.5

Alon Bar-Lev alonbl at redhat.com
Tue Dec 16 18:20:20 UTC 2014 


----- Original Message -----
> From: "Donny Davis" <donny at cloudspin.me>
> To: "Alon Bar-Lev" <alonbl at redhat.com>
> Cc: "Fedele Stabile" <fedele.stabile at fis.unical.it>, users at ovirt.org
> Sent: Tuesday, December 16, 2014 7:19:53 PM
> Subject: RE: [ovirt-users] Creating new users on oVirt 3.5
> 
> For the ca.pem, I had to import it from my ldap server, and this was my
> method of getting it to the engine.
> I use nano to create the file. there is probably a better way, but this was
> for my enviroment.

ok, no problem. usually ssh is better :)

> 
> -----Original Message-----
> From: Alon Bar-Lev [mailto:alonbl at redhat.com]
> Sent: Tuesday, December 16, 2014 10:13 AM
> To: Donny Davis
> Cc: Fedele Stabile; users at ovirt.org
> Subject: Re: [ovirt-users] Creating new users on oVirt 3.5
> 
> 
> 
> ----- Original Message -----
> > From: "Donny Davis" <donny at cloudspin.me>
> > To: "Alon Bar-Lev" <alonbl at redhat.com>, "Fedele Stabile"
> > <fedele.stabile at fis.unical.it>
> > Cc: users at ovirt.org
> > Sent: Tuesday, December 16, 2014 4:57:16 PM
> > Subject: RE: [ovirt-users] Creating new users on oVirt 3.5
> > 
> > Check out my write-up on AAA,
> > I tried my best to break it down, and make it simple
> > 
> > https://cloudspin.me/ovirt-simple-ldap-aaa/
> 
> Thanks for helpful documentation!
> 
> > Once again, don’t get hung up on the file names, they really only mean
> > something to you. Maybe someone that knows more than me can shed some
> > light on this??
> 
> Indeed the file names are not important as long as the extension is
> .properties the files will be read.
> 
> > Important to note, that if you use an IP Address here you may have TLS
> > problems, and once again I am no pro, but I had problems trying to get TLS
> > and IP addresses to play nice
> 
> Indeed, the certificate should contain ip address in subject or subject
> alternate name in order to ip to be usable in tls, this is not specific to
> this implementation.
> 
> > nano ca.pem – This is done on your engine, and you paste the above output
> > into this file
> 
> not sure why you cannot just use ca.pem as-is when using keytool.
> 
> Regards,
> Alon Bar-Lev.
> 
>

More information about the Users mailing list