[ovirt-users] expired cert for aaa

cmc iucounu at gmail.com
Mon Nov 7 19:15:26 UTC 2016


To reply to my own email:

This is now fixed.

I originally ran these steps for the upgrade:

# yum install http://resources.ovirt.org/pub/yum-repo/ovirt-release40.rpm
# yum update "ovirt-engine-setup*"
# engine-setup

There were no errors reported during the process. I could login as the
internal user without any errors. It was just using an external provider,
which made me think it was an aaa issue, so I looked
at the certificate exported from AD which had an expiry of 2063.

I tried running engine-setup again, and this fixed the issue. I have no
idea what happened along the way, I will check the logs. I notice it
reports:

[ INFO  ] Upgrading CA

so it looks like it creates a cert. Why it would have created one with such
a short expiry date is a mystery to me.

Hope this helps anyone who might come across this issue

Cheers,

Cam

On Mon, Nov 7, 2016 at 7:03 PM, cmc <iucounu at gmail.com> wrote:

> Hi,
>
> I upgraded my engine host from 4.0.2.7 to 4.0.4 and when I attempt to
> login via a aaa provider I get:
>
>  java.security.cert.CertificateExpiredException: NotAfter: Fri Nov 04
> 00:19:18 GMT 2016,
>
> What certificate is this referring to? The certificate from the aaa
> provider expires in 2063.
>
> It was fine until the upgrade.
>
> Thanks for any help,
>
> Cam
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20161107/5aaa4f90/attachment-0001.html>


More information about the Users mailing list