Hi, thanks, changing 20-setup-ovrit-post.conf fixed the PKI Organization in engine-setup.
after engine-setup completed, I was not able to login to the webportal. I needed to copy the /etc/pki/ovirt-engine-backup-before-recreation back to ovirt-engine in order to login. The errors on the webportal were about PKI something. I didn't get a picture of it. sorry. On Thu, Jul 14, 2016 at 1:02 AM, Yedidyah Bar David <d...@redhat.com> wrote: > On Thu, Jul 14, 2016 at 2:58 AM, Paul Dyer <pmdyer...@gmail.com> wrote: > > I am not having any luck. When I get to step 5 (engine-setup), the "PKI > > organization" still has the old domainname??? > > You can try editing /etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf > and delete the line with 'OVESETUP_PKI/organization', then try engine-setup > again. > > Best, > > > > > --== CONFIGURATION PREVIEW ==-- > > > > Update Firewall : False > > Host FQDN : > bacchus.xxxcentral.com > > Engine database secured connection : False > > Engine database host : localhost > > Engine database user name : engine > > Engine database name : engine > > Engine database port : 5432 > > Engine database host name validation : False > > DWH database secured connection : False > > DWH database host : localhost > > DWH database user name : ovirt_engine_history > > DWH database name : ovirt_engine_history > > DWH database port : 5432 > > DWH database host name validation : False > > Engine installation : True > > PKI organization : xxxportal.com > > DWH installation : True > > Backup DWH database : True > > Engine Host FQDN : > bacchus.xxxcentral.com > > Configure VMConsole Proxy : False > > Configure WebSocket Proxy : False > > > > > > On Sun, Jul 10, 2016 at 2:27 AM, Yedidyah Bar David <d...@redhat.com> > wrote: > >> > >> On Sat, Jul 9, 2016 at 2:35 AM, Paul Dyer <pmdyer...@gmail.com> wrote: > >> > Hi, > >> > > >> > back in 2015, with the first install of ovirt, I used a domain of > >> > xxxportal.com. Since the client has an xxxcentral.com wildcard > >> > certificate, I added changed the hostname and domainname, and added > the > >> > cert/cacert to the apache webpage. > >> > > >> > The pki on ovirt and vdsm (host) both still have the original > >> > xxxportal.com > >> > domain. I am looking for a way to wipe away the old domain. > >> > > >> > Do I need to remove the host (not hosted engine), drop the > >> > datacenter/cluster, and build from a clean db? > >> > >> Basically yes. See also: > >> > >> > >> > https://www.ovirt.org/documentation/how-to/networking/changing-engine-hostname/ > >> > >> If you have lots of data in your engine (hosts, VMs etc), you might > manage > >> to > >> keep most of it by something like this, didn't try that: > >> > >> 1. Shutdown all VMs and move all hosts to maintenance > >> 2. Stop ovirt-engine service > >> 3. mv /etc/pki/ovirt-engine > /etc/pki/ovirt-engine-backup-before-recreation > >> 4. yum reinstall ovirt-engine-backend, or copy back from above backup > >> only these, without the files they hold (for directories), but keep > >> owner/permissions: > >> cacert.template.in certs cert.template.in keys openssl.conf > >> private requests > >> 5. engine-setup > >> It will notice pki is removed and recreate it for you > >> You might need to change admin password because it's encrypted with > >> engine's key > >> 6. Connect to web admin, and per host: > >> 6.1. Right click -> Enroll Certificate > >> 6.2. You might need Right-Click -> Reinstall > >> 6.3. Activate > >> > >> This should be enough, more-or-less. You might want, just in case, > >> before step 6, > >> to connect to all hosts and remove stuff under /etc/pki, but I didn't > >> check > >> what exactly. > >> > >> Best, > >> -- > >> Didi > > > > > > > > > > -- > > Paul Dyer, > > Mercury Consulting Group, RHCE > > 504-302-8750 > > > > -- > Didi > -- Paul Dyer, Mercury Consulting Group, RHCE 504-302-8750
_______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
