[ovirt-users] VDSM SSL validity
Punaatua PAINT-KOUI
punaatua.pk at gmail.com
Thu Feb 15 09:19:02 UTC 2018
Hi,
I setup an hyperconverged solution with 3 nodes, hosted engine on glusterfs.
We run this setup in a PCI-DSS environment. According to PCI-DSS
requirements, we are required to reduce the validity of any certificate
under 39 months.
I saw in this link
https://www.ovirt.org/develop/release-management/features/infra/pki/ that i
can use the option VdsCertificateValidityInYears at engine-config.
I'm running ovirt engine 4.2.1 and i checked when i was on 4.2 how to edit
the option with engine-config --all and engine-config --list but the option
is not listed
Am i missing something ?
I thing i can regenerate a VDSM certificate with openssl and the CA conf in
/etc/pki/ovirt-engine on the hosted-engine but i would rather modifiy the
option for future host that I will add.
--
-------------------------------------
PAINT-KOUI Punaatua
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180214/7c30914a/attachment.html>
More information about the Users
mailing list