Hi,
Looks like this is a suitable article.
https://microdevsys.com/wp/get-host-capabilities-failed-general-sslengine-problem/
<https://microdevsys.com/wp/get-host-capabilities-failed-general-sslengine-problem/>
Please note I have problem with
VDSM node14 command Get Host Capabilities failed: PKIX path validation failed:
java.security.cert.CertPathValidatorException: validity check failed
only on 1 node, everything else works just fine.
Is this correct or outdated/obsolete ?
[root@mdskvm-p01 vdsm]# /usr/libexec/vdsm/vdsm-gencerts.sh
/etc/pki/vdsm/certs/cacert.pem /etc/pki/vdsm/keys/vdsmkey.pem
/etc/pki/vdsm/certs/vdsmcert.pem
[root@mdskvm-p01 vdsm]#
[root@mdskvm-p01 vdsm]# ls -altri /usr/libexec/vdsm/vdsm-gencerts.sh
/etc/pki/vdsm/certs/cacert.pem /etc/pki/vdsm/keys/vdsmkey.pem
/etc/pki/vdsm/certs/vdsmcert.pem
67445862 -rwxr-xr-x. 1 root root 2362 Jul 9 05:36
/usr/libexec/vdsm/vdsm-gencerts.sh
45255 -rw——-. 1 vdsm kvm 5816 Sep 28 17:48 /etc/pki/vdsm/keys/vdsmkey.pem
203185926 -rw——-. 1 vdsm kvm 1127 Sep 28 17:48 /etc/pki/vdsm/certs/cacert.pem
203185790 -rw——-. 1 vdsm kvm 1241 Sep 28 17:48 /etc/pki/vdsm/certs/vdsmcert.pem
[root@mdskvm-p01 vdsm]#
> On 9 Aug 2022, at 03:43, adam...@adagene.com.cn wrote:
>
> Solution:
> https://access.redhat.com/solutions/3532921
>
> -----邮件原件-----
> 发件人: Andrei Verovski <andre...@starlett.lv>
> 发送时间: 2022年8月9日 3:14
> 收件人: users@ovirt.org
> 主题: [ovirt-users] Certificates Expiration Problem - Urgent Help Needed
>
> Hi !
>
> Today my hosts (engine + all nodes) certificates expired and I re-run
> engine-setup to renew certificates.
>
> Then I did for each node host:
> Edit host -> Advanced parameters -> Fetch SSH public key (PEM) in order to
> update certificates on nodes, everything was finished just fine.
>
> Unfortunately, one of the most crucial nodes (node14) still shows this
> error:
>
> VDSM node14 command Get Host Capabilities failed: PKIX path validation
> failed: java.security.cert.CertPathValidatorException: validity check failed
>
> Restarted vdsms and vdsm-network, still same, node is marked as
> non-responsive, and all VM with "?" sign (unknown status).
>
> However, node14 pings without any problem, its storage domain shown in green
> (OK), and all VMs are running fine.
>
> Service vdsm-network status is OK, vdsmd is NOT:
> Aug 08 22:07:27 node14.***.lv vdsm[1264164]: ERROR ssl handshake: socket
> error, address: ::ffff:192.168.0.4
>
> This node is running our accounting and stock control system, its storage
> domain holds VM disk of that software. If its nonoperational after restart,
> its a BIG trouble, I will not be able to migrate VM disk anywhere. Restoring
> accounting DB from daily backup is a lengthy process for 2 - 3 hours.
>
> Please advice what to do next.
>
> Thanks in advance.
> _______________________________________________
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org Privacy Statement:
> https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/7ERPAMDT2KO4W6VYYMNTYIMDHH7WTZGB/
> _______________________________________________
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/privacy-policy.html
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/SLO6UKLSHM4IGYOAUVW25ZVV4B2FPCKY/
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/FOC2BYMJVGB7BJDA4X2NT6LHAHMLLMYX/
