Bug 1309610

Summary: 'SSL without validation' set as Security Protocol on RHOS provider in CFME but not working
Product: Red Hat Quickstart Cloud Installer Reporter: Antonin Pagac <apagac>
Component: Installation - CloudFormsAssignee: John Matthews <jmatthew>
Status: CLOSED DUPLICATE QA Contact: Dave Johnson <dajohnso>
Severity: unspecified Docs Contact: Dan Macpherson <dmacpher>
Priority: unspecified    
Version: 1.0CC: bthurber
Target Milestone: ---   
Target Release: 1.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-02-18 10:53:33 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Antonin Pagac 2016-02-18 09:44:31 UTC 
Description of problem:
I have all-in-one deployment on freshly installed Sat + OSPD with CFME on OSP. I have run into an issue, where CFME cannot verify credentials for RHOS cloud provider. So RHOS is added to CFME but it isn't working, RHEV is added to CFME and working as expected. When I manually try to edit RHOS and validate credentials, I'm getting:

"Credential validation was not successful: Socket error: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol (OpenSSL::SSL::SSLError)"

This is with 'SSL without validation' selected as Security Protocol. The fix is to set 'Non-SSL' there, RHOS then starts working as expected.

This issue is kind of weird because I have seen deployments where CFME could not communicate with RHEV nor RHOS and I have also seen deployments where everything worked as it should without any manual intervention.

Version-Release number of selected component (if applicable):
TP2 RC9
RHCI-6.0-RHEL-7-20160208.1-RHCI-x86_64-dvd1.iso
RHCIOOO-7-RHEL-7-20160127.0-RHCIOOO-x86_64-dvd1.iso

How reproducible:
?

Steps to Reproduce:
1. Deploy an all-in-one deployment with CFME on OSP
2. Log in to CFME, look at Cloud -> Providers and Infrastructure -> Providers
3. There is a chance RHEV or RHOS will be unable to work properly

Actual results:
RHOS added to CFME but unable to work as expected

Expected results:
RHOS added to CFME and green; can list instances and work as expected

Additional info:
The fix is to set 'Non-SSL' as Security Protocol when editing RHOS provider.
Comment 1 Antonin Pagac 2016-02-18 10:53:33 UTC 
This bug is a duplicate of bug 1309419

*** This bug has been marked as a duplicate of bug 1309419 ***