Bug 1375606

Summary: Flow for how to get certificate was changed in RHEV 4
Product: Red Hat Satellite Reporter: Petr Kubica <pkubica>
Component: Compute Resources - RHEVAssignee: satellite6-bugs <satellite6-bugs>
Status: CLOSED DUPLICATE QA Contact: Katello QA List <katello-qa-list>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.2.0CC: bbuckingham, jcallaha, katello-qa-list, satellite6-bugs
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1375602 Environment:
Last Closed: 2016-09-13 17:27:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1370169, 1375602, 1426391    
Bug Blocks:    

Description Petr Kubica 2016-09-13 14:08:23 UTC 
+++ This bug was initially created as a clone of Bug #1375602 +++

Description of problem:
Adding compute resources from provider RHEV try to get certificate from /ca.crt. That works fine for 3.6.x but in version 4 that certificate should be generated from [1]:
/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA
It is no longer possible to obtain that certificate from /ca.crt in version 4.

[1] (from documentation or: https://www.ovirt.org/documentation/how-to/guest-console/connect-to-spice-console-without-portal/)

Version-Release number of selected component (if applicable):
RHEVM 4.0.4-2
Satellite 6.2.1 (the same issue is also in 6.1.9)

How reproducible:
Always

Steps to Reproduce:
1. Have a Satellite 
2. RHEVM 4.x
3. Try to add RHEVM 4.x as resource provider

Actual results:

Error:
Unable to save
Failed to create X509 certificate, error: nested asn1 error

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /ca.crt was not found on this server.</p>
</body></html>

Expected results:
Detect rhevm version from api or manually choose it in Satellite and get certificate properly for that version.
Trying to get certificate both ways could lead unnecessary delay
It's only suggestion, it's up to you.
Comment 1 Brad Buckingham 2016-09-13 17:27:06 UTC 
Closing this as a duplicate of the original clone.  If it is needed, please do let us know.

*** This bug has been marked as a duplicate of bug 1375602 ***