Description of problem: On the flow described in bug 1481583, we further output: The following commands failed to execute. Please execute them manually as root: keytool -import -alias ovirt-provider-ovn -keystore /var/lib/ovirt-engine/external_truststore -file /etc/pki/ovirt-engine/ca.pem -noprompt -storepass changeit We should instead output something like this: . /usr/share/ovirt-engine/bin/engine-prolog.sh keytool -import -alias ovirt-provider-ovn -keystore /var/lib/ovirt-engine/external_truststore -file /etc/pki/ovirt-engine/ca.pem -noprompt -storepass "${ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD}" So that someone looking behind the shoulder of the user, or seeing a copy/pasted output posted somewhere for debugging etc., will not see the password. This is not currently a security risk, because this file does not keep secrets. This might change in future versions.
when import to trustore fails, engine-setup prints ... -storepass "${ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD} verified in ovirt-engine-setup-4.2.0-0.6.el7.noarch
This bugzilla is included in oVirt 4.2.0 release, published on Dec 20th 2017. Since the problem described in this bug report should be resolved in oVirt 4.2.0 release, published on Dec 20th 2017, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.