This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 1309610 - 'SSL without validation' set as Security Protocol on RHOS provider in CFME but not working
'SSL without validation' set as Security Protocol on RHOS provider in CFME bu...
Status: CLOSED DUPLICATE of bug 1309419
Product: Red Hat Quickstart Cloud Installer
Classification: Red Hat
Component: Installation - CloudForms (Show other bugs)
1.0
Unspecified Unspecified
unspecified Severity unspecified
: ---
: 1.0
Assigned To: John Matthews
Dave Johnson
Dan Macpherson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-18 04:44 EST by Antonin Pagac
Modified: 2016-04-29 12:21 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-02-18 05:53:33 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Antonin Pagac 2016-02-18 04:44:31 EST
Description of problem:
I have all-in-one deployment on freshly installed Sat + OSPD with CFME on OSP. I have run into an issue, where CFME cannot verify credentials for RHOS cloud provider. So RHOS is added to CFME but it isn't working, RHEV is added to CFME and working as expected. When I manually try to edit RHOS and validate credentials, I'm getting:

"Credential validation was not successful: Socket error: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol (OpenSSL::SSL::SSLError)"

This is with 'SSL without validation' selected as Security Protocol. The fix is to set 'Non-SSL' there, RHOS then starts working as expected.

This issue is kind of weird because I have seen deployments where CFME could not communicate with RHEV nor RHOS and I have also seen deployments where everything worked as it should without any manual intervention.

Version-Release number of selected component (if applicable):
TP2 RC9
RHCI-6.0-RHEL-7-20160208.1-RHCI-x86_64-dvd1.iso
RHCIOOO-7-RHEL-7-20160127.0-RHCIOOO-x86_64-dvd1.iso

How reproducible:
?

Steps to Reproduce:
1. Deploy an all-in-one deployment with CFME on OSP
2. Log in to CFME, look at Cloud -> Providers and Infrastructure -> Providers
3. There is a chance RHEV or RHOS will be unable to work properly

Actual results:
RHOS added to CFME but unable to work as expected

Expected results:
RHOS added to CFME and green; can list instances and work as expected

Additional info:
The fix is to set 'Non-SSL' as Security Protocol when editing RHOS provider.
Comment 1 Antonin Pagac 2016-02-18 05:53:33 EST
This bug is a duplicate of bug 1309419

*** This bug has been marked as a duplicate of bug 1309419 ***

Note You need to log in before you can comment on or make changes to this bug.