Red Hat Summit 红帽全球峰会支持控制台(Console)开发人员开始试用联系人

此内容没有您所选择的语言版本。

Chapter 2. Authentication and Security

2.1. TLS/SSL Certification
复制链接

The Red Hat Virtualization Manager API requires Hypertext Transfer Protocol Secure (HTTPS) [1] for secure interaction with client software, such as the Manager's SDK and CLI components. This involves a process of obtaining a certificate from the Red Hat Virtualization Manager and importing it into the certificate store of your client.

Important

Obtain your certificate from the Red Hat Virtualization Manager using a secure network connection.

Procedure 2.1. Obtaining a Certificate

You can obtain a certificate from the Red Hat Virtualization Manager and transfer it to the client machine using one of three methods:
  1. Method 1 - Use a command line tool to download the certificate from the Manager. Examples of command line tools include cURL and Wget, both of which are available on multiple platforms.
    1. If using cURL: 
      $ curl -o rhvm.cer http://[manager-fqdn]/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA
      Copy to Clipboard Toggle word wrap
    2. If using Wget: 
      $ wget -O rhvm.cer http://[manager-fqdn]/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA
      Copy to Clipboard Toggle word wrap
  2. Method 2 - Use a web browser to navigate to the certificate located at: 
    http://[manager-fqdn]/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA
    Copy to Clipboard Toggle word wrap
    Depending on the chosen browser, the certificate either downloads or imports into the browser's keystore.
    1. If the browser downloads the certificate: save the file as rhvm.cer.
      If the browser imports the certificate: export it from the browser's certification options and save it as rhvm.cer.
  3. Method 3 - Log in to the Manager, export the certificate from the truststore and copy it to your client machine.
    1. Log in to the Manager as the root user.
    2. Export the certificate from the truststore using the Java keytool management utility: 
      $ keytool -exportcert -keystore /etc/pki/ovirt-engine/.truststore -alias cacert -storepass mypass -file rhvm.cer
      Copy to Clipboard Toggle word wrap
      This creates a certificate file called rhvm.cer.
    3. Copy the certificate to the client machine using the scp command: 
      $ scp rhvm.cer [username]@[client-machine]:[directory]
      Copy to Clipboard Toggle word wrap
Each of these methods results in a certificate file named rhvm.cer on your client machine. An API user imports this file into the certificate store of the client.

Procedure 2.2. Importing a Certificate to a Client

  • Importing a certificate to a client relies on how the client itself stores and interprets certificates. This guide contains some examples on importing certificates. For clients not using Network Security Services (NSS) or Java KeyStore (JKS), see your client documentation for more information on importing a certificate.

[1] HTTPS is described in RFC 2818 HTTP Over TLS.
返回顶部
Red Hat logoGithubredditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。 了解我们当前的更新.

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

Theme

© 2025 Red Hat