Description of problem: reports-interface-proxy doesn't trust externally-issued web certificate in spite of issuer being in system (and java) trust store Dashboard show only historical data Version-Release number of selected component (if applicable): 4.0.1 How reproducible: always Steps to Reproduce: 1. get certificate for mod_ssl from external CA 2. add the external CA that signed the mod_ssl certificate to the trust store (trust add /path/to/CA.crt or cp /path/to/CA.crt /etc/pki/ca-trust/source/anchors/ && update-ca-trust) 3. make recomeded steps from https://bugzilla.redhat.com/show_bug.cgi?id=1336838 4. Login to Administration portal Actual results: Dashboard show 0 in usage params Log file contains: 2016-07-20 09:03:26,834 ERROR [io.undertow.request] (default task-25) UT005023: Exception handling request to /ovirt-engine/services/reports-interface-proxy: javax.servlet.ServletException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at org.ovirt.engine.core.uutils.servlet.ProxyServletBase.doGet(ProxyServletBase.java:163) [uutils.jar:] at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] .... Expected results: Dashboard show correct data Additional info:
Hi Konstantin, we have a fix for the certificate issue, but the root cause of this issue is different: we have removed reports from 4.0, so during upgrade from 3.6 to 4.0 all reports related configuration should be removed. It's obvious we have a bug here, so could you please try to execute following commands which should reveal us leftovers from reports configuration? cd /etc/ovirt-engine/engine.conf.d grep ENGINE_REPORTS_BASE_URL . -r Thanks.
Hi, this is result: ./10-setup-reports-access.conf:ENGINE_REPORTS_BASE_URL=https://ovirt-dwh.DOMAIN:443/ovirt-engine-reports ./10-setup-reports-access.conf:ENGINE_REPORTS_DASHBOARD_URL=${ENGINE_REPORTS_BASE_URL}/flow.html?_flowId=viewReportFlow&viewAsDashboardFrame=true ./10-setup-reports-access.conf:ENGINE_REPORTS_RIGHTCLICK_URL=${ENGINE_REPORTS_BASE_URL}/flow.html?_flowId=viewReportFlow ./10-setup-reports-access.conf:ENGINE_REPORTS_PROXY_URL=${ENGINE_REPORTS_BASE_URL}/ovirt/reports-interface I must remove this settings?
Could you please try to remove 10-setup-reports-access.conf (please do a backup of the file just to be sure) and restart ovirt-engine service? It should fix your issue ...
Something changed. No error in log file, but dashboard show incorrect data. Usage of CPU, Memory and Storage 0. Screenshot https://postimg.org/image/ukcf1lj0x/
Is the DWH service still running, that looks like there is no data in the database for the last few hours.
It's running on separate host. It was problem with time. After adjusting system time problem is gone. Thank you for help!
Have you removed 10-setup-reports-access.conf? Or have it started to work just after time sync?
Yes i removed 10-setup-reports-access.conf, after that errors like "UT005023: Exception handling request to /ovirt-engine/services/reports-interface-proxy" no longer appear. And then I sync time on DWH server to get correct current statistics.
Closing due to resources, if still happens please reopen.