Bug 1258585

Summary: [engine] host cert about to expire is detected as already expired
Product: Red Hat Enterprise Virtualization Manager Reporter: Jiri Belka <jbelka>
Component: ovirt-engineAssignee: Moti Asayag <masayag>
Status: CLOSED CURRENTRELEASE QA Contact: Jiri Belka <jbelka>
Severity: high Docs Contact:
Priority: high    
Version: 3.6.0CC: gklein, lsurette, oourfali, rbalakri, Rhev-m-bugs, srevivo, ykaul
Target Milestone: ovirt-3.6.0-rc   
Target Release: 3.6.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 3.6.0-12 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-04-20 01:36:44 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1188759    

Description Jiri Belka 2015-08-31 17:05:18 UTC 
Description of problem:

probably similar issue as in BZ1257876

2020-08-04 18:58:02,909 ERROR [org.ovirt.engine.core.vdsbroker.vdsbroker.GetCapabilitiesVDSCommand] (DefaultQuartzScheduler_Worker-26) [] Command 'GetCapabilitiesVDSCommand(HostName = dell-r210ii-13.rhev.lab.eng.brq.redhat.com, VdsIdAndVdsVDSCommandParametersBase:{runAsync='true', hostId='eb400a81-e668-42ff-9752-59bef822f253', vds='Host[dell-r210ii-13.rhev.lab.eng.brq.redhat.com,eb400a81-e668-42ff-9752-59bef822f253]'})' execution failed: VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:02,909 ERROR [org.ovirt.engine.core.vdsbroker.HostMonitoring] (DefaultQuartzScheduler_Worker-26) [] Failure to refresh Vds runtime info: VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:02,909 ERROR [org.ovirt.engine.core.vdsbroker.HostMonitoring] (DefaultQuartzScheduler_Worker-26) [] Exception: org.ovirt.engine.core.vdsbroker.vdsbroker.VDSNetworkException: VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:02,920 WARN  [org.ovirt.engine.core.vdsbroker.VdsManager] (DefaultQuartzScheduler_Worker-26) [] Failed to refresh VDS, network error, continuing, vds='dell-r210ii-13.rhev.lab.eng.brq.redhat.com'(eb400a81-e668-42ff-9752-59bef822f253): VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:05,968 ERROR [org.ovirt.engine.core.vdsbroker.vdsbroker.GetAllVmStatsVDSCommand] (DefaultQuartzScheduler_Worker-35) [] Command 'GetAllVmStatsVDSCommand(HostName = dell-r210ii-13.rhev.lab.eng.brq.redhat.com, VdsIdAndVdsVDSCommandParametersBase:{runAsync='true', hostId='eb400a81-e668-42ff-9752-59bef822f253', vds='Host[dell-r210ii-13.rhev.lab.eng.brq.redhat.com,eb400a81-e668-42ff-9752-59bef822f253]'})' execution failed: VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:21,006 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (DefaultQuartzScheduler_Worker-47) [] Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: VDSM dell-r210ii-13.rhev.lab.eng.brq.redhat.com command failed: Received fatal alert: certificate_expired
2020-08-04 18:58:21,008 ERROR [org.ovirt.engine.core.vdsbroker.vdsbroker.GetCapabilitiesVDSCommand] (DefaultQuartzScheduler_Worker-47) [] Command 'GetCapabilitiesVDSCommand(HostName = dell-r210ii-13.rhev.lab.eng.brq.redhat.com, VdsIdAndVdsVDSCommandParametersBase:{runAsync='true', hostId='eb400a81-e668-42ff-9752-59bef822f253', vds='Host[dell-r210ii-13.rhev.lab.eng.brq.redhat.com,eb400a81-e668-42ff-9752-59bef822f253]'})' execution failed: VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:21,008 ERROR [org.ovirt.engine.core.vdsbroker.HostMonitoring] (DefaultQuartzScheduler_Worker-47) [] Failure to refresh Vds runtime info: VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:21,009 ERROR [org.ovirt.engine.core.vdsbroker.HostMonitoring] (DefaultQuartzScheduler_Worker-47) [] Exception: org.ovirt.engine.core.vdsbroker.vdsbroker.VDSNetworkException: VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:21,013 WARN  [org.ovirt.engine.core.vdsbroker.VdsManager] (DefaultQuartzScheduler_Worker-47) [] Failed to refresh VDS, network error, continuing, vds='dell-r210ii-13.rhev.lab.eng.brq.redhat.com'(eb400a81-e668-42ff-9752-59bef822f253): VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:21,066 INFO  [org.ovirt.engine.core.vdsbroker.VdsManager] (org.ovirt.thread.pool-7-thread-6) [] Server failed to respond, vds_id='eb400a81-e668-42ff-9752-59bef822f253', vds_name='dell-r210ii-13.rhev.lab.eng.brq.redhat.com', vm_count=0, spm_status='None', non-responsive_timeout (seconds)=60, error: VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:21,090 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (org.ovirt.thread.pool-7-thread-6) [] Correlation ID: null, Call Stack: org.ovirt.engine.core.vdsbroker.vdsbroker.VDSNetworkException: VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
2020-08-04 18:58:24,048 ERROR [org.ovirt.engine.core.vdsbroker.vdsbroker.GetAllVmStatsVDSCommand] (DefaultQuartzScheduler_Worker-88) [] Command 'GetAllVmStatsVDSCommand(HostName = dell-r210ii-13.rhev.lab.eng.brq.redhat.com, VdsIdAndVdsVDSCommandParametersBase:{runAsync='true', hostId='eb400a81-e668-42ff-9752-59bef822f253', vds='Host[dell-r210ii-13.rhev.lab.eng.brq.redhat.com,eb400a81-e668-42ff-9752-59bef822f253]'})' execution failed: VDSGenericException: VDSNetworkException: Received fatal alert: certificate_expired
^C
[root@jb-bz1 ~]# date
Tue Aug  4 18:58:37 CEST 2020

but the cert is:

[root@dell-r210ii-13 ~]# openssl x509 -in /etc/pki/vdsm/certs/vdsmcert.pem -enddate -noout ; date
notAfter=Aug 29 16:36:25 2020 GMT
Tue Aug  4 19:00:57 CEST 2020


Version-Release number of selected component (if applicable):
rhevm-backend-3.6.0-0.12.master.el6.noarch

How reproducible:
100%

Steps to Reproduce:
1. have a host cert that is about to expire in < 30 days
2.
3.

Actual results:
detected as expired

Expected results:
detected as about to expire

Additional info:
Comment 1 Jiri Belka 2015-12-21 16:16:03 UTC 
ok,  rhevm-3.6.1.3-0.1.el6.noarch

Nov 20, 2015 6:03:45 PM
	
Host dell-r210ii-04 certification is about to expire at 2015-12-15. Please renew the host's certification.