[ovirt-users] Re: [rhev-tech] ovirt-imageio-proxy not working after updating SSL certificates with a wildcard cert issued by AlphaSSL (intermediate)
Imageio 1.5.3 on both RHVM and your hypervisors, right? And the test returned success - that eliminates what I saw then. On Mon, Jul 27, 2020 at 9:44 AM Lynn Dixon wrote: > I am running 1.5.3 of all of the imageio-* packages. THe test button in > RHVM for the uploader comes back successfully with no errors. > > I am at a loss here. > > *Lynn Dixon* | Red Hat Certified Architect #100-006-188 > *Solutions Architect* | NA Commercial > Google Voice: 423-618-1414 > Cell/Text: 423-774-3188 > Click here to view my Certification Portfolio <http://red.ht/1XMX2Mi> > > > > > On Sat, Jul 25, 2020 at 12:53 AM Greg Scott wrote: > >> Make sure you have the right imageio versions. We spent around two months >> troubleshooting a similar problem and eventually found my customer had >> imageio 1.0.0 when they should have had something like 1.4.4. Do an rpm - >> qa | grep imageio on both your RHVM and RHV-H systems and see what it looks >> like. >> >> Also try that test button in RHVM and see how it behaves. Does it fail >> right away or does it take a couple seconds? >> >> - Greg >> >> On Fri, Jul 24, 2020 at 9:24 PM Lynn Dixon wrote: >> >>> All, >>> I recently bought a wildcard certificate for my lab domain ( >>> shadowman.dev) and I replaced all the certs on my RHV4.3 machine per >>> our documentation. The WebUI presents the certs successfully and without >>> any issues, and everything seemed to be fine, until I tried to upload a >>> disk image (or an ISO) to my storage domain. I get this error in the >>> events tab: >>> >>> https://share.getcloudapp.com/p9uPvegx >>> [image: image.png] >>> >>> I also see that the disk is showing up in my storage domain, but its >>> showing "Paused by System" and I can't do anything with it. I cant even >>> delete it! >>> >>> I have tried following this document to fix the issue, but it didn't >>> work: https://access.redhat.com/solutions/4148361 >>> >>> I am seeing this error pop into my engine.log: >>> https://pastebin.com/kDLSEq1A >>> >>> And I see this error in my image-proxy.log: >>> WARNING 2020-07-24 15:26:34,802 web:137:web:(log_error) ERROR >>> [172.17.0.30] PUT /tickets/ [403] Error verifying signed ticket: Invalid >>> ovirt ticket (data='--my_ticket_data-', reason=Untrusted >>> certificate) [request=0.002946/1] >>> >>> Now, when I bought my wildcard, I was given a root certificate for the >>> CA, as well as a separate intermediate CA certificate from the provider. >>> Likewise, they gave me a certificate and a private key of course. The root >>> and intermediate CA's certificates have been added >>> to /etc/pki/ca-trust/source/anchors/ and I did an update-ca-trust. >>> >>> I also started experiencing issues with the ovpn network provider at the >>> same time I replaced the SSL certs, but I disregarded it at the time, but >>> now I am thinking its related. Any advice on what to look for to fix the >>> ovirt-imageio-proxy? >>> >>> Thanks! >>> >>> >>> *Lynn Dixon* | Red Hat Certified Architect #100-006-188 >>> *Solutions Architect* | NA Commercial >>> Google Voice: 423-618-1414 >>> Cell/Text: 423-774-3188 >>> Click here to view my Certification Portfolio <http://red.ht/1XMX2Mi> >>> >>> >>> >> >> -- >> Greg Scott >> Red Hat Senior Technical Account Manager >> mobile 1-651-260-1051 >> > -- Greg Scott Red Hat Senior Technical Account Manager mobile 1-651-260-1051 ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/QMS3CTP2FGWCG4ELC6SW4YICMA2O22ND/
[ovirt-users] Re: [rhev-tech] ovirt-imageio-proxy not working after updating SSL certificates with a wildcard cert issued by AlphaSSL (intermediate)
Make sure you have the right imageio versions. We spent around two months troubleshooting a similar problem and eventually found my customer had imageio 1.0.0 when they should have had something like 1.4.4. Do an rpm - qa | grep imageio on both your RHVM and RHV-H systems and see what it looks like. Also try that test button in RHVM and see how it behaves. Does it fail right away or does it take a couple seconds? - Greg On Fri, Jul 24, 2020 at 9:24 PM Lynn Dixon wrote: > All, > I recently bought a wildcard certificate for my lab domain (shadowman.dev) > and I replaced all the certs on my RHV4.3 machine per our documentation. > The WebUI presents the certs successfully and without any issues, and > everything seemed to be fine, until I tried to upload a disk image (or an > ISO) to my storage domain. I get this error in the events tab: > > https://share.getcloudapp.com/p9uPvegx > [image: image.png] > > I also see that the disk is showing up in my storage domain, but its > showing "Paused by System" and I can't do anything with it. I cant even > delete it! > > I have tried following this document to fix the issue, but it didn't work: > https://access.redhat.com/solutions/4148361 > > I am seeing this error pop into my engine.log: > https://pastebin.com/kDLSEq1A > > And I see this error in my image-proxy.log: > WARNING 2020-07-24 15:26:34,802 web:137:web:(log_error) ERROR > [172.17.0.30] PUT /tickets/ [403] Error verifying signed ticket: Invalid > ovirt ticket (data='--my_ticket_data-', reason=Untrusted > certificate) [request=0.002946/1] > > Now, when I bought my wildcard, I was given a root certificate for the CA, > as well as a separate intermediate CA certificate from the provider. > Likewise, they gave me a certificate and a private key of course. The root > and intermediate CA's certificates have been added > to /etc/pki/ca-trust/source/anchors/ and I did an update-ca-trust. > > I also started experiencing issues with the ovpn network provider at the > same time I replaced the SSL certs, but I disregarded it at the time, but > now I am thinking its related. Any advice on what to look for to fix the > ovirt-imageio-proxy? > > Thanks! > > > *Lynn Dixon* | Red Hat Certified Architect #100-006-188 > *Solutions Architect* | NA Commercial > Google Voice: 423-618-1414 > Cell/Text: 423-774-3188 > Click here to view my Certification Portfolio <http://red.ht/1XMX2Mi> > > > -- Greg Scott Red Hat Senior Technical Account Manager mobile 1-651-260-1051 ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/2QLLTX7U4PNQNEFS4AWHLZANK6KCN5HC/
Re: [ovirt-users] Custom iptables rules usage
I haven't seen it used at any of my RHV customers - but I can see this capability becoming popular as people learn about it. - Greg On Sun, Mar 19, 2017 at 10:17 AM, Leon Goldberg <lgold...@redhat.com> wrote: > Hey, > > We've been wondering whether the ability to add custom iptables rules > to be deployed on hosts sees any usage. > > Currently custom iptable rules are stored in IPTablesConfigSiteCustom > and are defaulted to an empty string. > > We're planning to add host firewalld configuration deployment and are > looking to determine whether custom rule support should be implemented > as well. > > Thanks, > Leon > > -- Greg Scott Red Hat Senior Technical Account Manager mobile 1-651-260-1051 ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
