solved reloaded libvirtd on servers involved in certificate renewal thanks чт, 8 сент. 2022 г. в 17:57, Milan Zamazal <mzama...@redhat.com>:
> parallax <dd432...@gmail.com> writes: > > > ovirt 4.4.4.7 > > > > not able to migrate VMs between hosts with following vdsm error: > > > > operation failed: Failed to connect to remote libvirt URI > > qemu+tls://kvm4.imp.loc/system: authentication failed: Failed to verify > > peer's certificate > > You should be able to see a more exact reason for the certificate > verification failure in libvirtd logs on the source host (perhaps after > adjusting logging settings in /etc/libvirt/libvirtd.conf + restarting > libvirtd). > > Anyway, you should check the certificates in /etc/pki/vdsm/certs on both > the source and destination hosts: > > - cacert.pem should be the Engine CA certificate. > > - vdsmcert.pem should be a certificate signed by the CA certificate, > with the right host name and not expired. > > If you are using encrypted migrations then you should additionally check > the certificates in /etc/pki/vdsm/libvirt-migrate. cacert.pem should be > the CA certificate, server-cert.pem a valid certificate signed by the CA > certificate and there should be links client-cert.pem and client-key.pem > to server-cert.pem and server-key.pem respectively. > > > hosts certificates was renewed recently but hosts hasn't been reloaded > > how to fix this issue > > Regards, > Milan > >
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/6URQYJKFDF6H46XVPU4MAUDOBLJBVNO6/