Error with a self-signed certificate on Red Hat Virtualization

Epic555 · 01-16-2018, 04:14 AM

Hi, i issued a new self-signed certificate for Red Hat Virtualization Manager 4.1 on RHEL 7.4. Certificate was issued on the server where RHVM works. I used official RH guide to create and replace certificate.
When i open RHVM web page i receive error:
- sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
What is the problem?
Commands i used to create a key and certificate:
- openssl genpkey -algorithm RSA -out apache.key -pkeyopt rsa_keygen_bits:2048
- openssl req -new -x509 -key apache.key -out apache.cer -days 365

Soadyheid · 01-16-2018, 04:40 AM

Have you tried asking Red Hat? You must have paid for their support to obtain a valid certificate I would think.

Play Bonny!

sundialsvcs · 01-16-2018, 07:54 AM

A similar discussion on StackOverflow is here. Obviously, RH is using a Java-based framework. (Ick ...)

But, yes, your company is paying for support from Red Hat, so they should be the first resource that you turn to.

Epic555 · 01-16-2018, 10:03 PM

I made a request in support, but they didn't reply yet.

Habitual · 01-16-2018, 11:30 PM

Looks like a Java-sourced error (sun.security.validator.ValidatorException)
The problem is that Java doesn't speak openssl.
I believe you'll need keytool.

sundialsvcs · 01-17-2018, 02:56 PM

Quote:

Originally Posted by Epic555

I made a request in support, but they didn't reply yet.

Pick up the phone! Your employer is paying for this!

(BTW: this has never been my experience when dealing with Red Hat support. Those guys (and gals) are good.)

Epic555 · 01-29-2018, 09:22 PM

RH support gave article (https://access.redhat.com/solutions/3329431) to regenerate a certificate

jefro · 01-30-2018, 05:35 PM

http://magicmonster.com/kb/prg/java/...ng_failed.html