[Engine-patches] Change in ovirt-engine[master]: WebSocketProxy on a separate host

Tue, 10 Jun 2014 15:27:06 -0700 

Simone Tiraboschi has posted comments on this change.

Change subject: WebSocketProxy on a separate host
......................................................................


Patch Set 5:

If engine has been installed locally it works as before, otherwise it print 
instruction regarding how to enroll certs on the engine host.


[ INFO  ] Configuring WebSocket Proxy
         
          ATTENTION
         
          Manual actions are required on the engine host and on this host
          in order to enroll certs for this host and configure the engine about 
it.
          Please execute this command on the engine host: 
         
          engine-config -s WebSocketProxy=localhost.localdomain:6100
         
          Than, still on the engine host:
         
          /usr/share/ovirt-engine/bin/pki-enroll-pkcs12.sh \
           --name=websocket-proxy-standalone \
           --password=<password> \
           --subject="/C=<country>/O=<organization>/CN=localhost.localdomain"
         
          Substitute <country>, <organization> to suite your environment
          (i.e. the values must match values in the certificate authority of 
your engine),
          <password> with a password of you choice
         
          Than copy /etc/pki/ovirt-engine/keys/websocket-proxy-standalone.p12
          from the engine host to this host at 
/etc/pki/ovirt-engine/keys/websocket-proxy.p12
          And copy /etc/pki/ovirt-engine/certs/engine.cer
          from the engine host to this host at 
/etc/pki/ovirt-engine/certs/engine.cer
         
          Than, at last, on this host:
          openssl pkcs12 -in /etc/pki/ovirt-engine/keys/websocket-proxy.p12 
-nokeys -out /etc/pki/ovirt-engine/certs/websocket-proxy.cer
          openssl pkcs12 -in /etc/pki/ovirt-engine/keys/websocket-proxy.p12 
-nocerts -nodes -out /etc/pki/ovirt-engine/keys/websocket-proxy.key.nopass
          using the password you provided before on the engine host

-- 
To view, visit http://gerrit.ovirt.org/28534
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ifceddd5aa44a77f67a3b6b30c6678d9a3b485f9c
Gerrit-PatchSet: 5
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Simone Tiraboschi <stira...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Sandro Bonazzola <sbona...@redhat.com>
Gerrit-Reviewer: Simone Tiraboschi <stira...@redhat.com>
Gerrit-Reviewer: Yedidyah Bar David <d...@redhat.com>
Gerrit-Reviewer: automat...@ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: No
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to