You need to import your intermediate certificate and possibly your CA certificate into the ovirt-engine keystore. This is the command I used:
sudo keytool -importcert -trustcacerts -keystore /etc/pki/ovirt-engine/.truststore -storepass mypass -file /etc/pki/tls/certs/startcom.class1.server.ca.pem The password is actually "mypass". Scott On Fri, Jun 24, 2016 at 11:33 AM Matt Haught <dmhau...@ncsu.edu> wrote: > So I switched back to the original self-signed certs that I had luckily > saved and was able to get in without error. Is there a new process for > using non-self-signed certs with ovirt 4.0? > > Thanks, > -- > Matt Haught > > On Fri, Jun 24, 2016 at 11:19 AM, Matt Haught <dmhau...@ncsu.edu> wrote: > >> I just attempted an upgrade from 3.6 to 4.0 hosted engine and ran into an >> problem. The hosted engine vm updated without issue, but when I go to login >> to the web interface to continue the process I get: >> >> sun.security.validator.ValidatorException: PKIX path building failed: >> sun.security.provider.certpath.SunCertPathBuilderException: unable to find >> valid certification path to requested target >> >> at every page load and I can't login. I have a feeling that the issue >> comes from where I replaced the self-signed certs with trusted ca signed >> certs a year ago. Is there a work around? >> >> CentOS 7.2 >> >> Thanks, >> >> -- >> Matt Haught >> > > _______________________________________________ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users >
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users