RHV 4.2 - Failed to import provider certificate into the external provider keystore
Issue
When running engine-setup after upgrading a RHV 4.1 installation to RHV 4.2, there is a keystore certificate error:
[ ERROR ] Failed to import provider certificate into the external provider keystore
...
The following commands failed to execute.
Please execute them manually as root:
. /usr/share/ovirt-engine/bin/engine-prolog.sh
export pass="${ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD}"
keytool -import -alias ovirt-provider-ovn -keystore /var/lib/ovirt-engine/external_truststore -file /etc/pki/ovirt-engine/ca.pem -noprompt -storepass:env pass
Although the setup completes, the above commands need to be run manually to ensure the ovirt-provider-ovn certificate is imported into the keystore.
When running the above commands, an error may be seen:
# . /usr/share/ovirt-engine/bin/engine-prolog.sh
# export pass="${ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD}"
# keytool -import -alias ovirt-provider-ovn -keystore /var/lib/ovirt-engine/external_truststore -file /etc/pki/ovirt-engine/ca.pem -noprompt -storepass:env pass
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect
This means that the trust store password is not correctly identified in the environment.
Environment
- RHV 4.2
- RHV 4.1
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
