irt.org/develop/release-management/features/infra/pki/
>
> Best regards,
>
> >
> >
> >
> > Best,
> >
> > Daniel
> >
> >
> >
> > From: on behalf of Martin Perina
> >
> > Date: Tuesday, November 1, 2016 at 6:29 AM
res/infra/pki/
Best regards,
>
>
>
> Best,
>
> Daniel
>
>
>
> From: on behalf of Martin Perina
>
> Date: Tuesday, November 1, 2016 at 6:29 AM
> To: Kenneth Bingham
> Cc: users
> Subject: Re: [ovirt-users] Upgrading oVirt 3.6 with existing HTTPS
>
Martin Perina
Date: Tuesday, November 1, 2016 at 6:29 AM
To: Kenneth Bingham
Cc: users
Subject: Re: [ovirt-users] Upgrading oVirt 3.6 with existing HTTPS certificate
signed by custom CA to oVirt 4
On Tue, Nov 1, 2016 at 11:49 AM, Martin Perina
mailto:mper...@redhat.com>> wrote:
So first
On Tue, Nov 1, 2016 at 11:49 AM, Martin Perina wrote:
> So first of all, we don't support replacing oVirt internal CA which is
> used to sign host certificates. This internal CA is also used to sign HTTPS
> certificate by default, but you can provided your own HTTPS certificate
> signed by custom
So first of all, we don't support replacing oVirt internal CA which is used
to sign host certificates. This internal CA is also used to sign HTTPS
certificate by default, but you can provided your own HTTPS certificate
signed by custom CA. The correct steps how to do that are (assuming you
have you
That makes sense, but it is also disappointing to realize that oVirt
Manager will only trust certificates that itself has issued, and that there
is no support for Manager to trust VDSM server certificates issued by
another authority.
If I understand you correctly, then the *only* way to install a
Since you replace ca.pem you need to replace the private key of ca.pem
Please copy the private key of /etc/pki/ovirt-engine/ca.pem to
/etc/pki/ovirt-engine/private/ca.pem and let me know if everything works
On Thu, Oct 27, 2016 at 2:47 PM, Kenneth Bingham wrote:
>
> Thanks Ravi, that's helpful
Thanks Ravi, that's helpful and I appreciate the precision and attention to
detail. I performed similar steps to install a custom certificate for the
oVirt Manager GUI. But what about configuring ovirt-engine to trust a
certificate issued by the same CA and presented by the VDSM host? On the
hyperv
Here is a complete set of instructions that works for me
You can skip the first few steps of generating the certificate.
Ravi
Generate a self-signed certificate using openssl
==
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout
privateKey.ke
Le 27/10/2016 à 00:14, Kenneth Bingham a écrit :
I did install a server certificate from a private CA on the engine
server for the oVirt 4 Manager GUI, but haven't figured out how to
configure engine to trust the same CA which also issued the server
certificate presented by vdsm. This is importan
I did install a server certificate from a private CA on the engine server
for the oVirt 4 Manager GUI, but haven't figured out how to configure
engine to trust the same CA which also issued the server certificate
presented by vdsm. This is important for us because this is the same server
certificat
11 matches
Mail list logo
