<div dir="ltr"><div><div><div>To reply to my own email: <br><br></div><div>This is now fixed.<br></div><div><br></div>I originally ran these steps for the upgrade:<br><br># yum install <a href="http://resources.ovirt.org/pub/yum-repo/ovirt-release40.rpm">http://resources.ovirt.org/pub/yum-repo/ovirt-release40.rpm</a> <br># yum update "ovirt-engine-setup*" <br># engine-setup <br><div><br></div><div>There were no errors reported during the process. I could login as the internal user without any errors. It was just using an external provider, which made me think it was an aaa issue, so I looked<br></div><div>at the certificate exported from AD which had an expiry of 2063.<br></div><div><br>I tried running engine-setup again, and this fixed the issue. I have no idea what happened along the way, I will check the logs. I notice it reports:<br><br>[ INFO ] Upgrading CA<br><br></div><div>so it looks like it creates a cert. Why it would have created one with such a short expiry date is a mystery to me.<br><br></div>Hope this helps anyone who might come across this issue<br><br></div>Cheers,<br><br></div>Cam<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Nov 7, 2016 at 7:03 PM, cmc <span dir="ltr"><<a href="mailto:iucounu@gmail.com" target="_blank">iucounu@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div>Hi,<br><br></div>I upgraded my engine host from 4.0.2.7 to 4.0.4 and when I attempt to login via a aaa provider I get:<br><br> java.security.cert.<wbr>CertificateExpiredException: NotAfter: Fri Nov 04 00:19:18 GMT 2016, <br><br></div>What certificate is this referring to? The certificate from the aaa provider expires in 2063. <br><br></div><div>It was fine until the upgrade.<br></div><div><br></div>Thanks for any help,<br><br></div>Cam<br></div>
</blockquote></div><br></div>