Bug 1783337
Summary: | Rename tools does not renew certificates and engine config for websocket | ||
---|---|---|---|
Product: | [oVirt] ovirt-engine | Reporter: | Ivana Saranova <isaranov> |
Component: | Tools.Rename | Assignee: | Yedidyah Bar David <didi> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Ivana Saranova <isaranov> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4.4.0 | CC: | bugs, didi, lleistne |
Target Milestone: | ovirt-4.4.1 | Flags: | pm-rhel:
ovirt-4.4+
sbonazzo: planning_ack? sbonazzo: devel_ack+ lleistne: testing_ack+ |
Target Release: | 4.4.1.7 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ovirt-engine-4.4.1.7 | Doc Type: | Bug Fix |
Doc Text: |
Previously, the rename tool did not renew the `websocketproxy` certificates and did not update the value of `WebSocketProxy` in the engine configuration. This caused issues such as the VNC browser console not being able to connect to the server. The current release fixes this issue. Now, `ovirt-engine-rename` handles the websocket proxy correctly. It regenerates the certificate, restarts the service, and updates the value of `WebSocketProxy`.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-08-05 06:25:30 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | Integration | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1853196 |
Description
Ivana Saranova
2019-12-13 15:27:45 UTC
We need to conside also what happens if websocket proxy is not running on the same host running the engine. Steps: 1. Run rename tool (also run engine-setup and reboot if needed) 2. Check websocketproxy certificates, for example subject name `vi /etc/pki/ovirt-engine/certs/websocket-proxy.cer` 3. Check engine config WebSocketProxy value `engine-config -g WebSocketProxy` Results: The Engine config value is correct and the subject CN value in websocket-proxy and apache cers is also correct. However, some records where subject was not correct were found in cers for engine, jboss and vmconsole-proxy-helper. A separate issue for this should be created. Verified in: ovirt-engine-4.4.1.8-0.7.el8ev.noarch ovirt-engine-websocket-proxy-4.4.1.8-0.7.el8ev.noarch This bugzilla is included in oVirt 4.4.1 release, published on July 8th 2020. Since the problem described in this bug report should be resolved in oVirt 4.4.1 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report. Please review the updated Doc Text. Thank you. Looks good to me. |