Bug 1146775 - creating CA certificates
Summary: creating CA certificates
Keywords:
Status: CLOSED DUPLICATE of bug 1122895
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: Documentation
Version: 3.4.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: rhev-docs@redhat.com
QA Contact: ecs-bugs
URL:
Whiteboard:
Depends On:
Blocks: 1156381
TreeView+ depends on / blocked
 
Reported: 2014-09-26 03:43 UTC by Sage Grigull
Modified: 2015-10-07 12:36 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Build Name: 22720, Administration Guide-3.4-1.0 Build Date: 25-08-2014 14:06:11 Topic ID: 10782-591943 [Specified]
Last Closed: 2014-09-29 05:30:49 UTC
oVirt Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Sage Grigull 2014-09-26 03:43:51 UTC 
Title: Replacing the Red Hat Enterprise Virtualization Manager SSL Certificate

Describe the issue:
It is unclear what constraints the resulting CA needs to work for rhevm

Suggestions for improvement:
A walk through of generating and signing the CA for rhev with the required CA options and constraints would be handy (using openssl).
A description of how rhev uses this CA and the resulting certificates would also assist in troubleshooting

Additional information:
having a broken cert in place prevents engine-log-collector from collecting the information to get appropriate support from GSS
Comment 1 Sage Grigull 2014-09-26 03:59:39 UTC 
Is the /etc/pki/ovirt-engine/keys/apache.p12 actually accessed ?

Should /etc/pki/ovirt-engine/apache-ca.pem contain a CA certificate based on the hostname?  Should it also have appended all intermediate CA certificates?
Comment 2 Julie 2014-09-29 05:30:49 UTC 

*** This bug has been marked as a duplicate of bug 1122895 ***
Note You need to log in before you can comment on or make changes to this bug.