Hi Stephen,
Yes, we have some issue with the latest version of oVirt node-ng, with
users being unable to login into cockpit after the upgrade, and we're
trying to debug this issue:
https://lists.ovirt.org/archives/list/users@ovirt.org/thread/CJIP2KNXEADM...
The node-ng is based on CentOS 8 Stream.
Thanks in advance,
On Thu, May 20, 2021 at 3:36 PM Stephen Gallagher <sgallagh(a)redhat.com>
wrote:
Re-adding the original sender to the CC, since they are not
subscribed.
On Wed, May 19, 2021 at 1:44 PM Stephen Gallagher <sgallagh(a)redhat.com>
wrote:
>
>
>
> On Wed, May 19, 2021 at 1:41 PM Lev Veyde <lveyde(a)redhat.com> wrote:
>>
>> Hi,
>>
>> What creates the following files on the system? :
>>
>> /etc/cockpit/ws-certs.d/0-self-signed-ca.pem
>> /etc/cockpit/ws-certs.d/0-self-signed.cert
>>
>> I see that the directory is owned by the cockpit-ws package, but
couldn't find anything in the RPM scripts.
>>
>> Thanks in advance,
>
>
> They aren't created in the RPM scripts because they need to be unique on
different systems (generating them in the RPM scripts would mean that
things like rpm-ostree and gold VM images would all have the same
certificates).
>
> They're created when Cockpit starts up if they don't already exist. On
Fedora, they're usually generated by sscg.
>
> Is there a specific question you have about these certificates?
--
Lev Veyde
Senior Software Engineer, RHCE | RHCVA | MCITP
Red Hat Israel
<
https://www.redhat.com>
lev(a)redhat.com | lveyde(a)redhat.com
<
https://red.ht/sig>
TRIED. TESTED. TRUSTED. <
https://redhat.com/trusted>