[ovirt-users] Re: not able to upload disks, iso - paused by the system error -- Version 4.4.6.7-1.el8

Tue, 12 Oct 2021 04:03:35 -0700 

On Tue, Oct 12, 2021 at 8:55 AM dhanaraj.ramesh--- via Users
<[email protected]> wrote:
>
> Hi Team
>
> in one of the cluster infra, we are unable to upload the images or disks via 
> gui. up on checking the /var/log/ovirt-imageio/daemon.log found that throwing 
> ssl connection failure, help us to check what are we missing..

Which version?

If you are on ovirt 4.4, please share output of:

    ovirt-imageio --show-config

on engine.

> We are using thirdparty CA approved SSL for web GUI..
>
> 2021-10-11 22:45:42,812 INFO    (Thread-6) [http] OPEN connection=6 
> client=127.0.0.1
> 2021-10-11 22:45:42,812 INFO    (Thread-6) [tickets] [127.0.0.1] REMOVE 
> ticket=f18cff91-1fc4-43b6-91ea-ca2a11d409a6
> 2021-10-11 22:45:42,813 INFO    (Thread-6) [http] CLOSE connection=6 
> client=127.0.0.1 [connection 1 ops, 0.000539 s] [dispatch 1 ops, 0.000216 s]
> 2021-10-11 22:45:43,621 INFO    (Thread-4) [images] [::ffff:10.12.23.212] 
> OPTIONS ticket=53ff98f9-f429-4880-abe6-06c6c01473de
> 2021-10-11 22:45:43,621 INFO    (Thread-4) [backends.http] Open backend 
> netloc='renlovkvma01.test.lab:54322' 
> path='/images/53ff98f9-f429-4880-abe6-06c6c01473de' 
> cafile='/etc/pki/ovirt-engine/ca.pem' secure=True

Looks like the host is configured correctly - the http backend is
using the right CA file
to access the host.

> 2021-10-11 22:45:43,626 ERROR   (Thread-4) [http] Server error
...
>     self._sslobj.do_handshake()
> ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed 
> (_ssl.c:897)

The CA file on engine side (/etc/pki/ovirt-engine/ca.pem) does not
match the CA file on the host
(/etc/pki/vdsm/certs/cacert.pem).

Which files did you change when we added the thirdparty CA approved SSL?

Nir
_______________________________________________
Users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/[email protected]/message/45S3QIVWVPBAVQ6IWV3QHJPURLG5NPCY/

Reply via email to