Dan Kenigsberg has submitted this change and it was merged.
Change subject: Store engine web CA cert in engine_web_ca.pem
......................................................................
Store engine web CA cert in engine_web_ca.pem
Currently we store the CA certificate downloaded from the engine for
registration purposes in the /etc/pki/vdsm/cacert.pem file. This file
is then replaced by VDSM by its default one during reboot, making a
backup before. This means that after the reboot vdsm-reg can't use it to
download the SSH key, and this means that registration fails.
This patch changes deployUtil.py so that it downloadto s the certificate
of the CA that signs the certificate of the engine web server to a new
file: /etc/pki/vdsm/enginecacert.pem. This file is not touched by the
VDSM start script, so that vdsm-reg can use it later to download the SSH
key correctly.
Change-Id: I127bf44cbcde90f7dae26a3bd3127f3eac2ca53c
Bug-Url:
https://bugzilla.redhat.com/856167
Signed-off-by: Juan Hernandez <juan.hernandez(a)redhat.com>
---
M vdsm_reg/deployUtil.py.in
M vdsm_reg/engine.py.in
2 files changed, 30 insertions(+), 22 deletions(-)
Approvals:
Alon Bar-Lev: Looks good to me, but someone else must approve
Douglas Schilling Landgraf: Looks good to me, but someone else must approve
Juan Hernandez: Verified
Dan Kenigsberg: Looks good to me, approved
--
To view, visit
http://gerrit.ovirt.org/8038
To unsubscribe, visit
http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I127bf44cbcde90f7dae26a3bd3127f3eac2ca53c
Gerrit-PatchSet: 3
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Juan Hernandez <juan.hernandez(a)redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alonbl(a)redhat.com>
Gerrit-Reviewer: Dan Kenigsberg <danken(a)redhat.com>
Gerrit-Reviewer: Doron Fediuck <dfediuck(a)redhat.com>
Gerrit-Reviewer: Douglas Schilling Landgraf <dougsland(a)redhat.com>
Gerrit-Reviewer: Federico Simoncelli <fsimonce(a)redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernandez(a)redhat.com>
Gerrit-Reviewer: Michael Burns <mburns(a)redhat.com>