El 2015-06-11 11:16, Gianluca Cecchi escribió:
On Thu, Jun 11, 2015 at 11:57 AM, <nico...@devels.es> wrote:
El 2015-06-11 08:55, Simone Tiraboschi escribió:
Indeed, checking the Javascript console I discovered where the
culprit is. This ovirt engine machine had formerly a FQDN that was
changed afterwards (I used the .../setup/bin/ovirt-engine-rename
script), so at installation time, SSL certs were issued for that
FQDN. The ovirt-engine-rename script regenerated the engine certs,
but seems that it didn't do the work for the websocket proxy, so the
old FQDN cert is still used and a connection cannot be established
with the daemon (logically, due to the mismatch). I can't find any
documentation on how to regenerate the websocket proxy cert, though.
Is there some script for that, or at least some manual way to
accomplish it?
Thanks for your help.
Based on an environment in 3.3.2 I solved a situation with
webSocketProxy Enabled only after original install + update thanks to
Alon advises.
See full lthread here:
http://lists.ovirt.org/pipermail/users/2013-December/018554.html [1]
Possibly it can apply to your environment too
You could do the following:
1. remove
In /etc/pki/ovirt-engine/keys/:
websocket-proxy.key.nopass
websocket-proxy.p12
In /etc/pki/ovirt-engine/certs/:
websocket-proxy.cer
2. run setup using:
# engine-setup
--otopi-environment="OVESETUP_CONFIG/websocketProxyConfig=bool:True"
and this should create websocket proxy certificates/keys in correct
way....
Unfortunately not. The process seems to run:
[...]
[ INFO ] Configuring WebSocket Proxy
[...]
But once it ends, there are no certs. Neither restarting the daemon
works.
Thanks for the hint, anyway.
Be sure to make backups and verify better, in particular it this is a
production environment.
HIH,
Gianluca
Links:
------
[1] http://lists.ovirt.org/pipermail/users/2013-December/018554.html
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
