Description of problem: Extend appe-Red_Hat_Enterprise_Virtualization_and_SSL.html to cover websocket-proxy, this topic was raised on ovirt-users list, see http://lists.ovirt.org/pipermail/users/2016-August/041666.html For custom CA and own certs for https, websocket proxy would need following changes: # cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf PROXY_PORT=6100 SSL_CERTIFICATE=/etc/pki/ovirt-engine/apache-ca.pem SSL_KEY=/etc/pki/ovirt-engine/keys/apache.key.nopass CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/certs/engine.cer SSL_ONLY=True original was ]# cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf.orig PROXY_PORT=6100 SSL_CERTIFICATE=/etc/pki/ovirt-engine/certs/websocket-proxy.cer SSL_KEY=/etc/pki/ovirt-engine/keys/websocket-proxy.key.nopass CERT_FOR_DATA_VERIFICATION=/etc/pki/ovirt-engine/certs/engine.cer SSL_ONLY=True Version-Release number of selected component (if applicable): rhevm-doc-4.0.0-3.el7ev.noarch How reproducible: 100% Steps to Reproduce: 1. check rhevm docs if there are steps how to put custom certs for spice-html5 2. 3. Actual results: none steps Expected results: docs should cover it Additional info:
No need for step 11 at http://file.tlv.redhat.com/~apinnick/BZ%231362573_4.2-Administration_Guide/#Replacing_the_Manager_SSL_Certificate
Reviewed and merged.
Updated documents: https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.1/html-single/administration_guide/#Replacing_the_Manager_SSL_Certificate https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2-beta/html-single/administration_guide/#Replacing_the_Manager_SSL_Certificate