Hide Forgot
On a clean system install, trying to use virsh connection for accessing the shell for installing the OS inside the Self Hosted Engine VM leads to # virsh -c qemu+tls:///Test/system console HostedEngine error: Cannot read CA certificate '/etc/pki/CA/cacert.pem': No such file or directory error: failed to connect to the hypervisor the '/etc/pki/CA/cacert.pem' is created later when the host is added to the manager by ovirt-host-deploy. We need to provide /etc/pki/CA/cacert.pem before OS installation for allowing virsh to connect to the hypervisor.
Workaround: http://libvirt.org/remote.html#Remote_TLS_CA
*** Bug 1034679 has been marked as a duplicate of this bug. ***
also server and client certificates are missing, causing libvirt not listening on qemu+tls port.
*** Bug 1035395 has been marked as a duplicate of this bug. ***
Also /etc/pki/libvirt-spice cretificates are generated by ovirt-host-deploy at later stage, so when creating cacert.pem hosted-engine --deploy need to take care of these too.
*** Bug 1056649 has been marked as a duplicate of this bug. ***
As workaround, perform an all-in-one setup, then execute cleanup and deploy hosted-engine or use VNC connection.
*** Bug 1058936 has been marked as a duplicate of this bug. ***
*** Bug 1063576 has been marked as a duplicate of this bug. ***
*** Bug 1067683 has been marked as a duplicate of this bug. ***
Moving back to assigned as /etc/pki/libvirt might not exist.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-0505.html