[ovirt-users] VDSM SSL validity
Punaatua PAINT-KOUI
punaatua.pk at gmail.com
Sun Mar 18 23:13:56 UTC 2018
Up
2018-02-17 2:57 GMT-10:00 Punaatua PAINT-KOUI <punaatua.pk at gmail.com>:
> Any idea someone ?
>
> Le 14 févr. 2018 23:19, "Punaatua PAINT-KOUI" <punaatua.pk at gmail.com> a
> écrit :
>
>> Hi,
>>
>> I setup an hyperconverged solution with 3 nodes, hosted engine on
>> glusterfs.
>> We run this setup in a PCI-DSS environment. According to PCI-DSS
>> requirements, we are required to reduce the validity of any certificate
>> under 39 months.
>>
>> I saw in this link https://www.ovirt.org/dev
>> elop/release-management/features/infra/pki/ that i can use the option
>> VdsCertificateValidityInYears at engine-config.
>>
>> I'm running ovirt engine 4.2.1 and i checked when i was on 4.2 how to
>> edit the option with engine-config --all and engine-config --list but the
>> option is not listed
>>
>> Am i missing something ?
>>
>> I thing i can regenerate a VDSM certificate with openssl and the CA conf
>> in /etc/pki/ovirt-engine on the hosted-engine but i would rather modifiy
>> the option for future host that I will add.
>>
>> --
>> -------------------------------------
>> PAINT-KOUI Punaatua
>>
>
--
-------------------------------------
PAINT-KOUI Punaatua
Licence Pro Réseaux et Télecom IAR
Université du Sud Toulon Var
La Garde France
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180318/1d40400a/attachment.html>
More information about the Users
mailing list