[prev in list] [next in list] [prev in thread] [next in thread]
List: vdsm-devel
Subject: =?utf-8?q?=5Bovirt-devel=5D?= ovirt engine certificate password
From: Anastasiya Ruzhanskaya <anastasiya.ruzhanskaya () frtk ! ru>
Date: 2018-10-27 11:34:52
Message-ID: CAH7gUZb=1=s95UcmScoCWFsFyBxtW9akcBN-ThrOzVqVazCGuA () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hello everyone!
I am trying to analyze traffic between ovirt-engine and vdsm.
First strange thing is, that it should be encrypted by default . When I
listen in wireshark for message from engine to vdsm being on the engine
machine, the traffic is not encrypted. It is only tcp. I expect it then be
acceptable for wireshark json dissector. But this is not a json. Is this a
normal situation or I should set up encryption by myself?
However, on the guest machine, I see in wireshark that the traffic between
engine and vdsm is encrypted. ( I have a configuration of my computer as a
client and two VMs as engine and node). So , I am trying to use engine's
private key to decrypt it. The private key is not engine_id_rsa (am I
right?), but it is hidden inside .p12 file. To extract the key from this
file I need a password. During the ovirt installing I didn't set up any
password for this. Is this maybe a default one? How can I extract a private
key?
So, the final questions are:
1) Should the traffic between engine and vdsm be encrypted by default?
2) How the private key for engine can be extracted?
[Attachment #5 (text/html)]
<div dir="ltr"><div>Hello everyone!</div><div>I am trying to analyze traffic between \
ovirt-engine and vdsm.</div><div>First strange thing is, that it should be encrypted \
by default . When I listen in wireshark for message from engine to vdsm being on the \
engine machine, the traffic is not encrypted. It is only tcp. I expect it then be \
acceptable for wireshark json dissector. But this is not a json. Is this a normal \
situation or I should set up encryption by \
myself?<br></div><div><br></div><div>However, on the guest machine, I see in \
wireshark that the traffic between engine and vdsm is encrypted. ( I have a \
configuration of my computer as a client and two VMs as engine and node). So , I am \
trying to use engine's private key to decrypt it. The private key is not \
engine_id_rsa (am I right?), but it is hidden inside .p12 file. To extract the key \
from this file I need a password. During the ovirt installing I didn't set up any \
password for this. Is this maybe a default one? How can I extract a private \
key?</div><div><br></div><div>So, the final questions are:</div><div>1) Should the \
traffic between engine and vdsm be encrypted by default?</div><div>2) How the private \
key for engine can be extracted?<br></div></div>
[Attachment #6 (text/plain)]
_______________________________________________
Devel mailing list -- devel@ovirt.org
To unsubscribe send an email to devel-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/devel@ovirt.org/message/CTVBO4HDTVUR6N5V46HVV2HVUNEGQJHV/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic