[ovirt-users] oVirt node vdsm certificate issue
Raul Laansoo
raul.laansoo at bigbank.ee
Mon Sep 29 11:40:33 UTC 2014
Hi.
I have configured Engine webservice to use certificate issued by internal CA. According to http://www.ovirt.org/Features/PKI the CA certificates must be in /etc/pki/ovirt-engine/apache-ca.pem. I have kept the self signed (Engine internal) certificate (previously linked from /etc/pki/ovirt-engine/apache-ca.pem to /etc/pki/ovirt-engine/ca.pem) in /etc/pki/ovirt-engine/ca.pem.
When I want to approve/install node host, the /etc/pki/ovirt-engine/apache-ca.pem file is downloaded to node as /etc/pki/vdsm/certs/cacert.pem. Because vdsmcert.pem is not signed by this CA, libvirt fails to start. How should I set up Engine local and internal CA files, so that they would not conflict?
oVirt Node Hypervisor release 3.0.4 (1.0.201401291204.el6)
oVirt Engine Version: 3.4.3-1.el6
Thank you
---
Raul Laansoo
More information about the Users
mailing list