Bug 1146712 - Section: "Replacing the RHEVM SSL Certificate" (D1) should be updated and moved to Tech Guide
Summary: Section: "Replacing the RHEVM SSL Certificate" (D1) should be updated and mov...
Keywords:
Status: CLOSED DUPLICATE of bug 1336845
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: Documentation
Version: 3.5.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ovirt-4.1.0-alpha
: ---
Assignee: rhev-docs@redhat.com
QA Contact: Andrew Burden
URL:
Whiteboard:
Depends On:
Blocks: 1156381
TreeView+ depends on / blocked
 
Reported: 2014-09-25 20:35 UTC by Marina Kalinin
Modified: 2019-04-28 09:44 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-10-27 06:03:58 UTC
oVirt Team: Docs
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Bugzilla 1146710 medium CLOSED [RFE] engine tools should use apache-ca.pem certificate for ssl and not ca.pem 2021-01-20 06:05:38 UTC
Red Hat Bugzilla 1254838 unspecified CLOSED [hsoted-engine] adding second host fails with: "SSL3_GET_SERVER_CERTIFICATE:certificate verify failed" 2021-01-20 06:05:38 UTC
Red Hat Knowledge Base (Article) 216903 None None None Never

Internal Links: 1146710 1254838

Description Marina Kalinin 2014-09-25 20:35:13 UTC
Section: "Replacing the RHEVM SSL Certificate" (D1) should be updated and moved to Tech Guide [1].


I. The section should be updated with:
1) be persistent with the bold font. If you decide to mark some files as bold, mark all the files to be updated as bold, or do not use bold at all. otherwise confusing.
2) current solution is incomplete, since it does not cover the tools that needs to be updated, once the certificate is updated and it does not cover the scenarios when the apache-ca.pem is only an intermediate certificate, and not root CA. It will be verified by browser, but not by our tools.
More details and GSS documentation are in this bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1146710

II. IMO, this section should be in the Tech Guide and not the Admin Guide.
I would say, this is an advanced option and not part of the default RHEV deployment. However, I would leave this part open to discussion.



[1] https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.4/html-single/Administration_Guide/index.html#Replacing_the_SSL_certificate_used_by_Red_Hat_Enterprise_Virtualization_Manager_to_identify_itself_to_users_connecting_over_https

Comment 2 Andrew Dahms 2015-09-03 00:37:56 UTC
Changing status back to 'New' until re-assignment.

Comment 3 Sandro Bonazzola 2015-10-26 12:43:06 UTC
this is an automated message. oVirt 3.6.0 RC3 has been released and GA is targeted to next week, Nov 4th 2015.
Please review this bug and if not a blocker, please postpone to a later release.
All bugs not postponed on GA release will be automatically re-targeted to

- 3.6.1 if severity >= high
- 4.0 if severity < high

Comment 4 Yaniv Lavi 2016-05-09 10:57:57 UTC
oVirt 4.0 Alpha has been released, moving to oVirt 4.0 Beta target.

Comment 6 Lucy Bopf 2016-10-27 06:03:58 UTC
It appears that the inconsistent file marking has been resolved in subsequent versions of this content, and the second item depends on an unresolved engineering bug. I don't think there is anything left to address in this bug at this time.

In addition, the section mentioned in this bug is now being updated and technically reviewed for 4.0 in bug 1373046 and bug 1336845.

*** This bug has been marked as a duplicate of bug 1336845 ***


Note You need to log in before you can comment on or make changes to this bug.