11.5.6. Setting up the CA certificate for RHV
Download the CA certificate from the Red Hat Virtualization (RHV) Manager and set it up on the installation machine.
You can download the certificate from a webpage on the RHV Manager or by using a
Later, you provide the certificate to the installation program.
Use either of these two methods to download the CA certificate:
Go to the Manager’s webpage,
https://<engine-fqdn>/ovirt-engine/. Then, under Downloads, click the CA Certificate link.
Run the following command:
$ curl -k 'https://<engine-fqdn>/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA' -o /tmp/ca.pem 1
<engine-fqdn>, specify the fully qualified domain name of the RHV Manager, such as
- Go to the Manager’s webpage,
Configure the CA file to grant rootless user access to the Manager. Set the CA file permissions to have an octal value of
$ sudo chmod 0644 /tmp/ca.pem
For Linux, copy the CA certificate to the directory for server certificates. Use
-pto preserve the permissions:
$ sudo cp -p /tmp/ca.pem /etc/pki/ca-trust/source/anchors/ca.pem
Add the certificate to the certificate manager for your operating system:
- For macOS, double-click the certificate file and use the Keychain Access utility to add the file to the System keychain.
For Linux, update the CA trust:
$ sudo update-ca-trust注記
If you use your own certificate authority, make sure the system trusts it.
To learn more, see Authentication and Security in the RHV documentation.