Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1353441 - Docs: replace /ca.crt with "/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA"
Docs: replace /ca.crt with "/ovirt-engine/services/pki-resource?resource=ca-c...
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: Documentation (Show other bugs)
4.0.0
Unspecified Unspecified
medium Severity unspecified
: ovirt-4.0.3
: 4.0.1
Assigned To: Julie
rhev-docs@redhat.com
:
: 1362617 (view as bug list)
Depends On:
Blocks: 1360991
  Show dependency treegraph
 
Reported: 2016-07-07 01:53 EDT by Yedidyah Bar David
Modified: 2016-09-08 21:45 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Release Note
Doc Text:
Previously, the Manager's CA certificate could be downloaded from: http://[engine-fqdn]/ca.crt. With this update, the URL to download the CA certificate has changed to: http://[engine-fqdn]/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA. Existing clients that use the old URL must be updated to use the new one.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-09-08 21:45:03 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Docs
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Comment 1 Lucy Bopf 2016-08-03 22:37:41 EDT 
*** Bug 1362617 has been marked as a duplicate of this bug. ***
Comment 4 Yaniv Kaul 2016-08-22 03:25:12 EDT 
Don't we break backwards compatibility this way? Don't we expect older clients to continue try and successfully retrieve the certificate from the old location?
Comment 5 Yaniv Kaul 2016-08-22 03:35:08 EDT 
(In reply to Yaniv Kaul from comment #4)
> Don't we break backwards compatibility this way? Don't we expect older
> clients to continue try and successfully retrieve the certificate from the
> old location?

Example - https://github.com/GNOME/libgovirt/blob/f70802a769baa8113f26ba9287e453b9209d56f5/govirt/ovirt-proxy.c#L55
Comment 6 Yedidyah Bar David 2016-08-22 05:03:05 EDT 
(In reply to Yaniv Kaul from comment #5)
> (In reply to Yaniv Kaul from comment #4)
> > Don't we break backwards compatibility this way? Don't we expect older
> > clients to continue try and successfully retrieve the certificate from the
> > old location?

That's a good question, but too late...

> 
> Example -
> https://github.com/GNOME/libgovirt/blob/
> f70802a769baa8113f26ba9287e453b9209d56f5/govirt/ovirt-proxy.c#L55

It's already affected - 4.0 was released several months ago.

Another question to ask is if we tried hard enough to inform users/3rd-parties about this. No idea about this. The ones that already contacted us and fixed their clients did this, AFAIK, only when they saw they are broken, when trying 4.0 or a beta.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.