----- Original Message ----- > From: "Donny Davis" <do...@cloudspin.me> > To: "Alon Bar-Lev" <alo...@redhat.com> > Cc: "Fedele Stabile" <fedele.stab...@fis.unical.it>, users@ovirt.org > Sent: Tuesday, December 16, 2014 7:19:53 PM > Subject: RE: [ovirt-users] Creating new users on oVirt 3.5 > > For the ca.pem, I had to import it from my ldap server, and this was my > method of getting it to the engine. > I use nano to create the file. there is probably a better way, but this was > for my enviroment.
ok, no problem. usually ssh is better :) > > -----Original Message----- > From: Alon Bar-Lev [mailto:alo...@redhat.com] > Sent: Tuesday, December 16, 2014 10:13 AM > To: Donny Davis > Cc: Fedele Stabile; users@ovirt.org > Subject: Re: [ovirt-users] Creating new users on oVirt 3.5 > > > > ----- Original Message ----- > > From: "Donny Davis" <do...@cloudspin.me> > > To: "Alon Bar-Lev" <alo...@redhat.com>, "Fedele Stabile" > > <fedele.stab...@fis.unical.it> > > Cc: users@ovirt.org > > Sent: Tuesday, December 16, 2014 4:57:16 PM > > Subject: RE: [ovirt-users] Creating new users on oVirt 3.5 > > > > Check out my write-up on AAA, > > I tried my best to break it down, and make it simple > > > > https://cloudspin.me/ovirt-simple-ldap-aaa/ > > Thanks for helpful documentation! > > > Once again, don’t get hung up on the file names, they really only mean > > something to you. Maybe someone that knows more than me can shed some > > light on this?? > > Indeed the file names are not important as long as the extension is > .properties the files will be read. > > > Important to note, that if you use an IP Address here you may have TLS > > problems, and once again I am no pro, but I had problems trying to get TLS > > and IP addresses to play nice > > Indeed, the certificate should contain ip address in subject or subject > alternate name in order to ip to be usable in tls, this is not specific to > this implementation. > > > nano ca.pem – This is done on your engine, and you paste the above output > > into this file > > not sure why you cannot just use ca.pem as-is when using keytool. > > Regards, > Alon Bar-Lev. > > _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users