Description of problem: During deployement of a host, the following error is returned in engine.log: 2012-12-07 17:06:01,319 INFO [org.ovirt.engine.core.bll.InstallerMessages] (VdsDeploy) Installation ovirtnode1.acme.lan: Enrolling certificate 2012-12-07 17:06:01,346 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (pool-3-thread-31) [5563c38b] Error during host ovirtnode1.acme.lan install, prefering first exception: java.io.FileNotFoundException: /etc/ovirt-engine/ca/requests/ovirtnode1.acme.lanreq.pem (No such file or directory) at java.io.FileOutputStream.open(Native Method) [rt.jar:1.7.0_09-icedtea] at java.io.FileOutputStream.<init>(FileOutputStream.java:212) [rt.jar:1.7.0_09-icedtea] at java.io.FileOutputStream.<init>(FileOutputStream.java:165) [rt.jar:1.7.0_09-icedtea] at org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.SignCertificateRequest(OpenSslCAWrapper.java:70) [engine-utils.jar:] at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:742) [engine-bll.jar:] at org.ovirt.engine.core.bll.VdsDeploy.access$1400(VdsDeploy.java:71) [engine-bll.jar:] at org.ovirt.engine.core.bll.VdsDeploy$32.run(VdsDeploy.java:780) [engine-bll.jar:] at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_09-icedtea] Version-Release number of selected component (if applicable): 3.2.0-1.20121206.git533e9a5.fc17 (latest nightly) oVirt searches for it's certificate in /etc/ovirt-engine/ca/requests/, while they are actually in /etc/pki/ovirt-engine. Symlinking /etc/ovirt-engine/ca to /etc/pki/ovirt-engine seems to be a viable work-around.
Known issue, I already asked to revert[1]. This change was added without proper test, please CC me of any PKI patches in the future. Thank you for the report. [1] http://gerrit.ovirt.org/#/c/9659/
The revert of the change is available here: http://gerrit.ovirt.org/9786
The revert has been merged: http://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=commit;h=cd830572906624ab068d988c631c031e9f635b02
3.2 beta built, moving to ON_QA status to allow testing