Few hours later i'm fixed SSL error, but get a new error
2019-10-02 01:02:38,369 root Starting server
2019-10-02 01:02:38,369 root Version: 1.2.22-1
2019-10-02 01:02:38,369 root Build date: 20190509114402
2019-10-02 01:02:38,369 root Githash: 38acbde
2019-10-02 01:02:46,471 root From: ::ffff:172.19.0.10:33644 Request: POST
/v2.0/tokens
2019-10-02 01:02:46,471 root Request body:
{"auth": {"passwordCredentials": {"username": "admin@internal", "password":
"<PASSWORD_HIDDEN>"}}}
2019-10-02 01:02:46,472 root Error during SSO authentication invalid_request :
Missing parameter: 'client_secret'
Traceback (most recent call last):
File "/usr/share/ovirt-provider-ovn/handlers/base_handler.py", line 138, in
_handle_request
method, path_parts, content
File "/usr/share/ovirt-provider-ovn/handlers/selecting_handler.py", line 175,
in handle_request
return self.call_response_handler(handler, content, parameters)
File "/usr/share/ovirt-provider-ovn/handlers/keystone.py", line 33, in
call_response_handler
return response_handler(content, parameters)
File "/usr/share/ovirt-provider-ovn/handlers/keystone_responses.py", line 69,
in post_tokens
if not auth.validate_token(token):
File "/usr/share/ovirt-provider-ovn/auth/plugin_facade.py", line 31, in
validate_token
return auth.core.plugin.validate_token(token)
File
"/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/authorization_by_username.py",
line 36, in validate_token
return self._is_user_name(token, _admin_user_name())
File
"/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/authorization_by_username.py",
line 47, in _is_user_name
timeout=AuthorizationByUserName._timeout())
File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 131, in
get_token_info
timeout=timeout
File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 55, in
wrapper
_check_for_error(response)
File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 181, in
_check_for_error
result['error'], details))
Unauthorized: Error during SSO authentication invalid_request : Missing
parameter: 'client_secret'
> 1 окт. 2019 г., в 22:53, Mail SET Inc. Group <[email protected]> написал(а):
>
> Hello!
> Get problems with clean installation 4.3.6.6-1.el7 and OVN
>
> When i try to test OVN get notification:
> «Import provider certificate»
> Do you approve trusting self signed certificate subject CN=Certificate
> Authority, O=SET.LOCAL, SHA-1 fingerprint
> a9d9b91160bb306667a521e6f2c66037ddc437cb?
>
> When i’m press «Yes», see old problem:
> Failed to communicate with the external provider, see log for additional
> details.
>
> [root@engine ~]# tail -f /var/log/ovirt-provider-ovn.log
> timeout=self._timeout())
> File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 75, in
> create_token
> username, password, engine_url, ca_file, timeout)
> File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 91, in
> _get_sso_token
> timeout=timeout
> File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 54, in
> wrapper
> response = func(*args, **kwargs)
> File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 47, in
> wrapper
> raise BadGateway(e)
> BadGateway: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
> (_ssl.c:618)
>
> [root@engine ~]# cat
> /etc/ovirt-provider-ovn/conf.d/10-setup-ovirt-provider-ovn.conf
> # This file is automatically generated by engine-setup. Please do not edit
> manually
> [OVN REMOTE]
> ovn-remote=ssl:127.0.0.1:6641
> [SSL]
> https-enabled=true
> ssl-cacert-file=/etc/pki/ovirt-engine/apache-ca.pem
> ssl-cert-file=/etc/pki/ovirt-engine/certs/apache.cer
> ssl-key-file=/etc/pki/ovirt-engine/keys/apache.key.nopass
> [OVIRT]
> ovirt-sso-client-id=ovirt-provider-ovn
> ovirt-ca-file=/etc/pki/ovirt-engine/certs/engine.cer
> ovirt-host=https://engine.set.local:443/ovirt-engine/
> <https://engine.set.local/ovirt-engine/>
> ovirt-sso-client-secret=vy80-QmCNNv6wP7JFvN9GWhPmYvo0lBNl5J8hpiGRa4
> [NETWORK]
> port-security-enabled-default=True
> [PROVIDER]
> provider-host=engine.set.local
>
> [root@engine ~]# python -c "import requests; \
> print requests.get('https://engine.set.local <https://engine.set.local/>', \
> verify='/etc/pki/ovirt-engine/apache-ca.pem')"
> <Response [200]>
>
> What’s wrong ?
_______________________________________________
Users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/[email protected]/message/IDUB3LOJHLRQVC2EFLSCN3MKYDEPZIRZ/
