[ovirt-users] VDSM SSL validity
Sahina Bose
sabose at redhat.com
Thu Mar 22 09:58:07 UTC 2018
Didi, Sandro - Do you know if this option VdsCertificateValidityInYears is
present in 4.2?
On Mon, Mar 19, 2018 at 4:43 AM, Punaatua PAINT-KOUI <punaatua.pk at gmail.com>
wrote:
> Up
>
> 2018-02-17 2:57 GMT-10:00 Punaatua PAINT-KOUI <punaatua.pk at gmail.com>:
>
>> Any idea someone ?
>>
>> Le 14 févr. 2018 23:19, "Punaatua PAINT-KOUI" <punaatua.pk at gmail.com> a
>> écrit :
>>
>>> Hi,
>>>
>>> I setup an hyperconverged solution with 3 nodes, hosted engine on
>>> glusterfs.
>>> We run this setup in a PCI-DSS environment. According to PCI-DSS
>>> requirements, we are required to reduce the validity of any certificate
>>> under 39 months.
>>>
>>> I saw in this link https://www.ovirt.org/dev
>>> elop/release-management/features/infra/pki/ that i can use the option
>>> VdsCertificateValidityInYears at engine-config.
>>>
>>> I'm running ovirt engine 4.2.1 and i checked when i was on 4.2 how to
>>> edit the option with engine-config --all and engine-config --list but the
>>> option is not listed
>>>
>>> Am i missing something ?
>>>
>>> I thing i can regenerate a VDSM certificate with openssl and the CA conf
>>> in /etc/pki/ovirt-engine on the hosted-engine but i would rather modifiy
>>> the option for future host that I will add.
>>>
>>> --
>>> -------------------------------------
>>> PAINT-KOUI Punaatua
>>>
>>
>
>
> --
> -------------------------------------
> PAINT-KOUI Punaatua
> Licence Pro Réseaux et Télecom IAR
> Université du Sud Toulon Var
> La Garde France
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180322/d304df90/attachment.html>
More information about the Users
mailing list