[Users] Hosted Engine adding host SSL Failure (w/ engine custom cert)

Andrew Lau andrew at andrewklau.com
Wed Jan 29 06:38:33 UTC 2014


Hi,

After running through the new patch posted in BZ 1055153 I'm adding a
second host to the hosted-engine cluster but it seems to fail right before
the finish:

[ ERROR ] Failed to execute stage 'Closing up': [ERROR]::oVirt API
connection failure, [Errno 1] _ssl.c:492: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Couple Extra Notes:
Engine has a custom SSL cert but the CA has been trusted by the new host.
When I temporarily return the engine's SSL back to the default generated
one the install will succeed.

Setup logs: http://www.fpaste.org/72624/13909770/

What confuses me is:

curl https://engine.example.net with the custom SSL cert will succeed but
with the original self-signed gives the expected "insecure" message. What
criteria need to be met so the install will pass?

Thanks,
Andrew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20140129/0b17f21d/attachment-0001.html>


More information about the Users mailing list