Appendix D. Red Hat Virtualization and SSL - cacerts

Posted on

When attempting to replace HTTPS certificates for the RHVM Adminstration Portal, as outlined here https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.1/html/administration_guide/appe-red_hat_enterprise_virtualization_and_ssl , the following error appears on the management console website, and you cannot login to the system:

sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

I tracked the issue down to the ovirt-engine's java cacert did not have my certificate in the keystore. I fixed this by issuing:

keytool -trustcacerts -keystore /etc/pki/java/cacerts -importcert -alias ALIAS -file /etc/pki/ovirt-engine/apache-ca.pem