Bug 1417055 - RHV: Replacing SSL Certificates Step 1 is not clear enough
Summary: RHV: Replacing SSL Certificates Step 1 is not clear enough
Keywords:
Status: CLOSED DUPLICATE of bug 1416232
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: Documentation
Version: 4.0.6
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: ---
: ---
Assignee: rhev-docs@redhat.com
QA Contact: rhev-docs@redhat.com
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-01-27 06:44 UTC by Germano Veit Michel
Modified: 2020-04-15 15:10 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-01-31 01:40:30 UTC
oVirt Team: Docs
Target Upstream Version:


Attachments (Terms of Use)

Description Germano Veit Michel 2017-01-27 06:44:29 UTC
Description of problem:

https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/paged/administration-guide/appendix-d-red-hat-virtualization-and-ssl

Step 1 is the CA (or a concatenation of CA+SubCAs). This is not clear and is very important, otherwise it wont work. In fact, it looks like the Certs on Step 1 and Step 3 are the same file. They are not.

It is not obvious to everyone that /etc/pki/ca-trust/source/anchors contains the CA.

I suggest to change

# cp YOUR-3RD-PARTY-CERT.pem /etc/pki/ca-trust/source/anchors

to

# cp YOUR-3RD-PARTY-CA-CHAIN.pem /etc/pki/ca-trust/source/anchors

Comment 1 Tahlia Richardson 2017-01-31 01:40:30 UTC
Thanks, Germano. I've added this to the catch-all feedback bug for this procedure, BZ#1416232. Feel free to add any other feedback there.

*** This bug has been marked as a duplicate of bug 1416232 ***


Note You need to log in before you can comment on or make changes to this bug.