2043146 – Expired /etc/pki/vdsm/libvirt-vnc/server-cert.pem certificate is skipped during Enroll Certificate

Bug 2043146 - Expired /etc/pki/vdsm/libvirt-vnc/server-cert.pem certificate is skipped during Enroll Certificate

Summary: Expired /etc/pki/vdsm/libvirt-vnc/server-cert.pem certificate is skipped duri...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine
Sub Component:
Version:	4.4.7
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	ovirt-4.5.0
Target Release:	4.5.0
Assignee:	Dana
QA Contact:	Pavol Brilla
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-01-20 17:28 UTC by Koutuk Shukla
Modified:	2022-08-18 13:36 UTC (History)
CC List:	12 users (show)
Fixed In Version:	ovirt-engine-4.5.0.1
Doc Type:	Release Note
Doc Text:	Previously, renewing of the libvirt-vnc certificate was omitted during the Enroll Certificate flow. With the release of RHV 4.4 SP1 and libvirt-vnc certificates are renewed during the Enroll Certificate flow.
Clone Of:
Environment:
Last Closed:	2022-05-26 16:23:26 UTC
oVirt Team:	Infra
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	oVirt ovirt-engine pull 138	None	open	update libvirt-vnc cert & key when executing enroll certificates	2022-03-15 15:09:10 UTC
Red Hat Issue Tracker	RHV-44510	None	None	None	2022-01-20 17:29:10 UTC
Red Hat Knowledge Base (Solution)	6859551	None	None	None	2022-04-06 08:25:44 UTC
Red Hat Product Errata	RHSA-2022:4711	None	None	None	2022-05-26 16:23:39 UTC

Description Koutuk Shukla 2022-01-20 17:28:25 UTC

Description of problem:

Expired /etc/pki/vdsm/libvirt-vnc/server-cert.pem certificate is skipped during Enroll Certificate

Version-Release number of selected component (if applicable):

How reproducible:
100%

Steps to Reproduce:

Run Enroll Certificate on Host having expired /etc/pki/vdsm/libvirt-vnc/server-cert.pem certificate 

Actual results:

/etc/pki/vdsm/libvirt-vnc/server-cert.pem is skipped and not renewed.

Expected results:
/etc/pki/vdsm/libvirt-vnc/server-cert.pem should be renewed.

Additional info:

Comment 4 Pavol Brilla 2022-05-04 07:46:30 UTC

Verified on Software Version:4.5.0.5-0.7.el8ev


Enroll Certificate updated also server-cert.pem on host machine

Comment 9 errata-xmlrpc 2022-05-26 16:23:26 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:4711

Note You need to log in before you can comment on or make changes to this bug.