rhevm-shell with commercial SSL certificate

Latest response

I have switched RHEV-M to use a commercial SSL certificate by editing /etc/httpd/conf.d/ssl.conf.

When I tried to use rhevm-shell, the connection failed:

[root@desktop certs]# rhevm-shell -c -l https://desktop.example.com/api -A /etc/pki/ovirt-engine/desktop_example_com.ca-bundle
Username: admin@internal
Password:
error: [ERROR]::Connection failure, [Errno 1] _ssl.c:490: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

rhevm-shell is able to connect if I download a CA Cert file from curl.haxx.se and use that as the CA_FILE.

[root@desktop tmp]# curl -O http://curl.haxx.se/ca/cacert.pem
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  245k  100  245k    0     0   307k      0 --:--:-- --:--:-- --:--:--  350k

[root@desktop tmp]# rhevm-shell -c -l https://desktop.example.com/api -A ./cacert.pem 
Username: admin@internal
Password: 

 ==========================================
 >>> connected to RHEVM manager 3.1.0.0 <<<
 ==========================================


        
 ++++++++++++++++++++++++++++++++++++++++++
 
           Welcome to RHEVM shell
 
 ++++++++++++++++++++++++++++++++++++++++++
        
    
[RHEVM shell (connected)]#
AA

Responses