Hello George,
Probably your engine and provider certs do not match.
The engine pki should be in:
/etc/pki/ovirt-engine/certs/
The provider keys are defined in the SSL section of the config file
(/etc/ovirt-provider-ovn/conf.d/...):
[SSL]
https-enabled=true
ssl-key-file=...
ssl-cert-file=...
ssl-cacert-file=...
You can compare the keys/certs using openssl.
Was the provider created using egine-setup?
For testing purposes you can change the "https-enabled" to false and try
connecting using http.
Thanks,
Marcin
On Thu, Feb 8, 2018 at 12:58 PM, Ilya Fedotov <kosh...@gmail.com> wrote:
> Hello, Georgy
>
> Maybe, the problem have the different domain name and name your node
> name(local domain), and certificate note valid.
>
>
>
> with br, Ilya
>
> 2018-02-05 22:36 GMT+03:00 George Sitov <usual....@gmail.com>:
>
>> Hello!
>>
>> I have a problem wiith configure external provider.
>>
>> Edit config file - ovirt-provider-ovn.conf, set ssl parameters.
>> systemctl start ovirt-provider-ovn start without problem.
>> In external proveder in web gui i set:
>> Provider URL: https://ovirt.mydomain.com:9696
>> Username: admin@internal
>> Authentication URL: https://ovirt.mydomain.com:35357/v2.0/
>> But after i press test button i see error - Failed to communicate with
>> the external provider, see log for additional details.
>>
>> /var/log/ovirt-engine/engine.log:
>> 2018-02-05 21:33:55,517+02 ERROR [org.ovirt.engine.core.bll.pro
>> vider.network.openstack.BaseNetworkProviderProxy] (default task-29)
>> [69fa312e-6e2e-4925-b081-385beba18a6a] Bad Gateway (OpenStack response
>> error code: 502)
>> 2018-02-05 21:33:55,517+02 ERROR [org.ovirt.engine.core.bll.pro
>> vider.TestProviderConnectivityCommand] (default task-29)
>> [69fa312e-6e2e-4925-b081-385beba18a6a] Command '
>> org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand'
>> failed: EngineException: (Failed with error PROVIDER_FAILURE and code 5050)
>>
>> In /var/log/ovirt-provider-ovn.log:
>>
>> 2018-02-05 21:33:55,510 Starting new HTTPS connection (1):
>> ovirt.astrecdata.com
>> 2018-02-05 21:33:55,516 [SSL: CERTIFICATE_VERIFY_FAILED] certificate
>> verify failed (_ssl.c:579)
>> Traceback (most recent call last):
>> File "/usr/share/ovirt-provider-ovn/handlers/base_handler.py", line
>> 126, in _handle_request
>> method, path_parts, content)
>> File "/usr/share/ovirt-provider-ovn/handlers/selecting_handler.py",
>> line 176, in handle_request
>> return self.call_response_handler(handler, content, parameters)
>> File "/usr/share/ovirt-provider-ovn/handlers/keystone.py", line 33, in
>> call_response_handler
>> return response_handler(content, parameters)
>> File "/usr/share/ovirt-provider-ovn/handlers/keystone_responses.py",
>> line 60, in post_tokens
>> user_password=user_password)
>> File "/usr/share/ovirt-provider-ovn/auth/plugin_facade.py", line 26,
>> in create_token
>> return auth.core.plugin.create_token(user_at_domain, user_password)
>> File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/plugin.py",
>> line 48, in create_token
>> timeout=self._timeout())
>> File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line
>> 62, in create_token
>> username, password, engine_url, ca_file, timeout)
>> File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line
>> 53, in wrapper
>> response = func(*args, **kwargs)
>> File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line
>> 46, in wrapper
>> raise BadGateway(e)
>> BadGateway: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
>> (_ssl.c:579)
>>
>> Whan i do wrong ?
>> Please help.
>>
>> ----
>> With best regards Georgii.
>>
>> _______________________________________________
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>
> _______________________________________________
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
