No documentation for installing third-party SSL certificates for host servers

[aurum9878]

Type of problem?

Documentation issue

No official documentation is available for changing oVirt host's SSL certificates from self-signed to third-party. There is official documentation available for this process on the ovirt-engine server but not for host servers. I found documentation on GitHub but it did not work for implementing third-party certs on host servers.

GitHub documentation found here

Help needed from @oVirt/ovirt-documentation

[mwperina]

It's not supported to use third party certification authority for communication between oVirt Engine and oVirt hosts. This communication if fully encrypted using oVirt internal CA with followwing renewal process:

1. oVirt hosts certificates are automatically reneweed during host upgrade (more details in https://www.ovirt.org/documentation/administration_guide/index.html#Updating_a_host_between_minor_releases)
2. oVirt hosts certificates can be manually renewed using Enroll certificates action for a specific host
3. oVirt Engine certificate or oVirt Engine CA certificate can be renewed by running engine-setup (more details in https://www.ovirt.org/documentation/administration_guide/index.html#chap-Renewing_certificates_RHV_backup_restore)

Custom certificate authority can used only for oVirt Engine HTTP certificate, more details can be found at https://www.ovirt.org/documentation/administration_guide/index.html#Replacing_the_Manager_CA_Certificate