it means that /etc/pki/ovirt-engine/serial.txt is either empty or missing, should not happen if ca is set up.
----- Original Message ----- > From: "Dinuwan" <[email protected]> > To: [email protected] > Sent: Monday, November 3, 2014 9:55:30 AM > Subject: [ovirt-users] Certificate Enrollment Failed > > > > Hello Everyone! > > > > I am trying to re-install a host in an ovirt hosted-engine environment but > the second host keeps on failing with the Certificate Enrollment failed > error. > > > > I have deleted the Host from the Engine but it always fails at the > certificate enrollment. > > > > The following problem is similar to mine but I have checked my file > permissions and they are all as they should: > > > > http://lists.ovirt.org/pipermail/users/2014-May/024738.html > > > > engine.log : > > > > 2014-11-03 11:22:38,485 INFO > [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] > (VdsDeploy) Correlation ID: 2f0410ee, Call Stack: null, Custom Event ID: -1$ > > 2014-11-03 11:22:39,496 ERROR > [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) Sign > Certificate request failed with exit code 1 > > 2014-11-03 11:22:39,497 ERROR > [org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper] (VdsDeploy) Sign > Certificate request script errors: > > Using configuration from openssl.conf > > unable to load number from serial.txt > > error while loading serial number > > 139842728826696:error:0D066096:asn1 encoding routines:a2i_ASN1_INTEGER:short > line:f_int.c:215: > > Cannot sign certificate > > > > 2014-11-03 11:22:39,499 ERROR [org.ovirt.engine.core.bll.VdsDeploy] > (VdsDeploy) Error during deploy dialog: java.lang.RuntimeException: > Certificate enrollment failed > > at > org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateRequest(OpenSslCAWrapper.java:56) > [utils.jar:] > > at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) > [bll.jar:] > > at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) > [bll.jar:] > > at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:] > > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71] > > > > 2014-11-03 11:22:39,510 ERROR [org.ovirt.engine.core.bll.VdsDeploy] > (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host 10.10.10.2 > install: java.lang.RuntimeExc$ > > at > org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateRequest(OpenSslCAWrapper.java:56) > [utils.jar:] > > at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) > [bll.jar:] > > at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) > [bll.jar:] > > at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:] > > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71] > > > > 2014-11-03 11:22:39,516 ERROR [org.ovirt.engine.core.bll.InstallerMessages] > (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Installation 10.10.10.2: > Certificate enrollment fa$ > > 2014-11-03 11:22:39,546 ERROR > [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] > (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Correlation ID: 2f0410ee, Cal$ > > 2014-11-03 11:22:39,548 ERROR [org.ovirt.engine.core.bll.VdsDeploy] > (org.ovirt.thread.pool-8-thread-2) [2f0410ee] Error during host 10.10.10.2 > install, prefering first exce$ > > at > org.ovirt.engine.core.utils.hostinstall.OpenSslCAWrapper.signCertificateRequest(OpenSslCAWrapper.java:56) > [utils.jar:] > > at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:927) > [bll.jar:] > > at org.ovirt.engine.core.bll.VdsDeploy.access$2000(VdsDeploy.java:83) > [bll.jar:] > > at org.ovirt.engine.core.bll.VdsDeploy$51.run(VdsDeploy.java:969) [bll.jar:] > > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71] > > > > > > I’ve been struggling with this problem for about a week now, and I have tried > changing HostIDs and re-installing ovirt-hosted-engine-setup but it still > appears. The only thing I couldn’t try is to re-install the machine. The > problem with that is I have my gluster bricks running on the same therefore > it is the last option I want to consider. > > > > Hopefully somebody will be able to assist me with this. > > > > Thanks in advance. > > > Dinu. > > _______________________________________________ > Users mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/users > _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
