Bug 1912067

Summary: [RENAME] openssl qemu-ca conf files not handled well
Product: [oVirt] ovirt-engine
Reporter: Yedidyah Bar David <didi>
Component: Tools.Rename
Assignee: Yedidyah Bar David <didi>
Status: CLOSED DEFERRED
QA Contact: Pavol Brilla <pbrilla>
Severity: medium
Docs Contact:
Priority: medium
Version: 4.4.4
CC: bugs, gdeolive, mperina
Target Milestone: ovirt-4.5.3
Flags: sbonazzo: ovirt-4.5?, sbonazzo: devel_ack+, gdeolive: testing_ack+
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Whiteboard:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2022-09-06 09:15:21 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Integration
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Description Yedidyah Bar David 2021-01-03 07:41:54 UTC
Description of problem:

ovirt-engine-rename changes /etc/pki/ovirt-engine/qemu-cert.template to point at 'resource=ca-certificate' instead of keeping 'resource=qemu-ca-certificate'.

This is caused by the fix for bug 1875386.

Before bug 1875386, ovirt-engine-rename didn't change qemu-cert.template at all - it also didn't change the hostname to be the new name.

Also, it does not update /etc/pki/ovirt-engine/qemu-cert.conf at all, keeping it pointing at the old name. This was missed in the fix for bug 1875386.

Version-Release number of selected component (if applicable):
4.4.4.1

How reproducible:
Always

Steps to Reproduce:
1. Install and set up an engine with some FQDN
2. Run ovirt-engine-rename
3. grep authorityInfoAccess /etc/pki/ovirt-engine/qemu-cert.{conf,template}

Actual results:

qemu-cert.template points at:

caIssuers;URI:http://$NEW_FQDN:80/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA

qemu-cert.conf points at:

caIssuers;URI:http://$OLD_FQDN:80/ovirt-engine/services/pki-resource?resource=qemu-ca-certificate&format=X509-PEM-CA

Expected results:

Both point at:

caIssuers;URI:http://$NEW_FQDN:80/ovirt-engine/services/pki-resource?resource=qemu-ca-certificate&format=X509-PEM-CA

Additional info:

Not sure how this affects use of certificates generated with the wrong conf. If it causes a problem, it should be fixed by reenrolling certificates for the host, after the engine is updated to a version that contains a fix to the current bug.
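
Added example, not part of the original report and not oVirt code: a shell check that automates step 3 of the reproduction and compares each file's caIssuers URI against the expected result above. The helper names `check_aia` and `make_samples`, the example FQDNs, and the `authorityInfoAccess = ...` line layout are assumptions; the sample files are constructed to match the "Actual results".

```shell
#!/bin/sh
# Added example (not oVirt code). check_aia and make_samples are hypothetical
# helper names; the "authorityInfoAccess = ..." layout is an assumption based
# on the grep in the report.

# check_aia NEW_FQDN FILE...
# Returns 0 only if every file's caIssuers URI uses NEW_FQDN and
# resource=qemu-ca-certificate (the report's expected result).
check_aia() {
    want_host=$1; shift
    rc=0
    for f in "$@"; do
        uri=$(grep authorityInfoAccess "$f" 2>/dev/null |
              sed -n 's/.*caIssuers;URI:\([^,[:space:]]*\).*/\1/p' | head -n 1)
        if [ -z "$uri" ]; then
            echo "$f: FAIL no caIssuers URI found"; rc=1; continue
        fi
        # Host = text between the scheme and the first ':' or '/'.
        host=$(printf '%s\n' "$uri" | sed -e 's|^[a-z]*://||' -e 's|[:/].*||')
        # Value of the resource= query parameter.
        res=$(printf '%s\n' "$uri" | sed -n 's/.*[?&]resource=\([^&]*\).*/\1/p')
        ok=1
        [ "$host" = "$want_host" ] ||
            { echo "$f: FAIL host is '$host', expected '$want_host'"; ok=0; }
        [ "$res" = "qemu-ca-certificate" ] ||
            { echo "$f: FAIL resource is '$res', expected 'qemu-ca-certificate'"; ok=0; }
        if [ "$ok" -eq 1 ]; then echo "$f: OK"; else rc=1; fi
    done
    return $rc
}

# make_samples DIR OLD_FQDN NEW_FQDN
# Writes constructed files reproducing the post-rename state in the report.
make_samples() {
    fmt='authorityInfoAccess = caIssuers;URI:http://%s:80/ovirt-engine/services/pki-resource?resource=%s&format=X509-PEM-CA\n'
    printf "$fmt" "$3" ca-certificate      > "$1/qemu-cert.template"
    printf "$fmt" "$2" qemu-ca-certificate > "$1/qemu-cert.conf"
}

# Demo on constructed files; both are expected to fail the check.
demo_dir=$(mktemp -d)
make_samples "$demo_dir" engine-old.example.com engine-new.example.com
check_aia engine-new.example.com \
    "$demo_dir/qemu-cert.template" "$demo_dir/qemu-cert.conf" ||
    echo "stale values remain after rename"
rm -rf "$demo_dir"
```

On an engine host, the same function can be pointed at the two real files under /etc/pki/ovirt-engine/ with the new FQDN as the first argument.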

Comment 1 Yedidyah Bar David 2022-05-17 06:11:55 UTC
*** Bug 2034570 has been marked as a duplicate of this bug. ***

Comment 2 Martin Perina 2022-09-06 09:15:21 UTC
Moved to https://github.com/oVirt/ovirt-engine/issues/638 due to resource limitation