1417055 – RHV: Replacing SSL Certificates Step 1 is not clear enough

Bug 1417055 - RHV: Replacing SSL Certificates Step 1 is not clear enough

Summary: RHV: Replacing SSL Certificates Step 1 is not clear enough

Keywords:
Status:	CLOSED DUPLICATE of bug 1416232
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	Documentation
Sub Component:
Version:	4.0.6
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	rhev-docs@redhat.com
QA Contact:	rhev-docs@redhat.com
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-01-27 06:44 UTC by Germano Veit Michel
Modified:	2020-04-15 15:10 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-01-31 01:40:30 UTC
oVirt Team:	Docs
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Germano Veit Michel 2017-01-27 06:44:29 UTC

Description of problem:

https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/paged/administration-guide/appendix-d-red-hat-virtualization-and-ssl

Step 1 is the CA (or a concatenation of CA+SubCAs). This is not clear and is very important, otherwise it wont work. In fact, it looks like the Certs on Step 1 and Step 3 are the same file. They are not.

It is not obvious to everyone that /etc/pki/ca-trust/source/anchors contains the CA.

I suggest to change

# cp YOUR-3RD-PARTY-CERT.pem /etc/pki/ca-trust/source/anchors

to

# cp YOUR-3RD-PARTY-CA-CHAIN.pem /etc/pki/ca-trust/source/anchors

Comment 1 Tahlia Richardson 2017-01-31 01:40:30 UTC

Thanks, Germano. I've added this to the catch-all feedback bug for this procedure, BZ#1416232. Feel free to add any other feedback there.

*** This bug has been marked as a duplicate of bug 1416232 ***

Note You need to log in before you can comment on or make changes to this bug.