Hi David, thx for your answer.
I have tried this non official documentation because it was the clearest and more straight forward I've found. indeed it's not perfect in terme of security, but having to renew each year so many different certificate across multiple cluster is really not convenient. The first time we had a certificate expiration we were not ready and long story short it brought us a production issue... indeed this doc doesn't mention vdsm, but the current start date of our vdsm certificate is matching with the date where we applied this doc, so I was quite suprised too, but it's definitively not related. Anyway we have a lot of vdsm cert that will expire next year, and we should be ready. (ovirt 4.4.10) I did a recent install of ovirt 4.5, and vdsm cert are valid for 5 years, which is really better. with our 4.4.10 clusters, if we "enrol cert", it will again be for one year? I guess the only way to have a bigger period would be to update our cluster to 4.5? thanks a lot, have a nice day _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/PFCML4STAS5IDGHB3LCL27KIAXD4Z7WW/