On Fri, Jul 15, 2016 at 3:43 AM, Paul Dyer <pmdyer...@gmail.com> wrote: > Hi, > > thanks, changing 20-setup-ovrit-post.conf fixed the PKI Organization in > engine-setup. > > after engine-setup completed, I was not able to login to the webportal. I
With what user? admin@internal or some external directory user (or something else)? Did you get an error message? Do you still have logs you can/want to share? > needed to copy the /etc/pki/ovirt-engine-backup-before-recreation back to > ovirt-engine in order to login. But didn't this partially revert your rename? > The errors on the webportal were about PKI > something. I didn't get a picture of it. sorry. Quite likely it's still possible to find in the logs. > > > > > > On Thu, Jul 14, 2016 at 1:02 AM, Yedidyah Bar David <d...@redhat.com> wrote: >> >> On Thu, Jul 14, 2016 at 2:58 AM, Paul Dyer <pmdyer...@gmail.com> wrote: >> > I am not having any luck. When I get to step 5 (engine-setup), the >> > "PKI >> > organization" still has the old domainname??? >> >> You can try editing >> /etc/ovirt-engine-setup.conf.d/20-setup-ovirt-post.conf >> and delete the line with 'OVESETUP_PKI/organization', then try >> engine-setup >> again. >> >> Best, >> >> > >> > --== CONFIGURATION PREVIEW ==-- >> > >> > Update Firewall : False >> > Host FQDN : >> > bacchus.xxxcentral.com >> > Engine database secured connection : False >> > Engine database host : localhost >> > Engine database user name : engine >> > Engine database name : engine >> > Engine database port : 5432 >> > Engine database host name validation : False >> > DWH database secured connection : False >> > DWH database host : localhost >> > DWH database user name : ovirt_engine_history >> > DWH database name : ovirt_engine_history >> > DWH database port : 5432 >> > DWH database host name validation : False >> > Engine installation : True >> > PKI organization : xxxportal.com >> > DWH installation : True >> > Backup DWH database : True >> > Engine Host FQDN : >> > bacchus.xxxcentral.com >> > Configure VMConsole Proxy : False >> > Configure WebSocket Proxy : False >> > >> > >> > On Sun, Jul 10, 2016 at 2:27 AM, Yedidyah Bar David <d...@redhat.com> >> > wrote: >> >> >> >> On Sat, Jul 9, 2016 at 2:35 AM, Paul Dyer <pmdyer...@gmail.com> wrote: >> >> > Hi, >> >> > >> >> > back in 2015, with the first install of ovirt, I used a domain of >> >> > xxxportal.com. Since the client has an xxxcentral.com wildcard >> >> > certificate, I added changed the hostname and domainname, and added >> >> > the >> >> > cert/cacert to the apache webpage. >> >> > >> >> > The pki on ovirt and vdsm (host) both still have the original >> >> > xxxportal.com >> >> > domain. I am looking for a way to wipe away the old domain. >> >> > >> >> > Do I need to remove the host (not hosted engine), drop the >> >> > datacenter/cluster, and build from a clean db? >> >> >> >> Basically yes. See also: >> >> >> >> >> >> >> >> https://www.ovirt.org/documentation/how-to/networking/changing-engine-hostname/ >> >> >> >> If you have lots of data in your engine (hosts, VMs etc), you might >> >> manage >> >> to >> >> keep most of it by something like this, didn't try that: >> >> >> >> 1. Shutdown all VMs and move all hosts to maintenance >> >> 2. Stop ovirt-engine service >> >> 3. mv /etc/pki/ovirt-engine >> >> /etc/pki/ovirt-engine-backup-before-recreation >> >> 4. yum reinstall ovirt-engine-backend, or copy back from above backup >> >> only these, without the files they hold (for directories), but keep >> >> owner/permissions: >> >> cacert.template.in certs cert.template.in keys openssl.conf >> >> private requests >> >> 5. engine-setup >> >> It will notice pki is removed and recreate it for you >> >> You might need to change admin password because it's encrypted with >> >> engine's key Did you change admin password? Best, >> >> 6. Connect to web admin, and per host: >> >> 6.1. Right click -> Enroll Certificate >> >> 6.2. You might need Right-Click -> Reinstall >> >> 6.3. Activate >> >> >> >> This should be enough, more-or-less. You might want, just in case, >> >> before step 6, >> >> to connect to all hosts and remove stuff under /etc/pki, but I didn't >> >> check >> >> what exactly. >> >> >> >> Best, >> >> -- >> >> Didi >> > >> > >> > >> > >> > -- >> > Paul Dyer, >> > Mercury Consulting Group, RHCE >> > 504-302-8750 >> >> >> >> -- >> Didi > > > > > -- > Paul Dyer, > Mercury Consulting Group, RHCE > 504-302-8750 -- Didi _______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel