Libvirt Service Fails to Start With Error "Cannot Read CA Certificate

Problem

The pf9-ostackhost service is down because dependent libvirtd service refuses to start with error "Cannot read CA certificate: No such file or directory".

libvirtd: 6368: error : virNetTLSContextCheckCertFile:112 : Cannot read CA certificate '/etc/pf9/certs/libvirt/cacert.pem': No such file or directory

Environment

Platform9 Managed OpenStack - v3.6.0 and Higher
Nova
Libvirt

Cause

Libvirt is configured to look for a CA certificate by default and use it to establish a TLS/SSL connection. If the correct certificate is not configured or is missing or is not applicable then libvirtd refuses to start with an error about the CA certificate.

Resolution

Open the file /etc/libvirt/libvirtd.conf with a text editor and make the following changes.

listen_tcp=1
listen_tls=0
auth_tcp="none"
tcp_port="16509"

Start the libvirtd service.

# systemctl start libvirtd.service

Start the pf9-ostackhost service.

# systemctl start pf9-ostackhost.service

If the libvirtd service still does not start, please contact Platform9 Support for further assistance.

PreviousMurano Environment Stuck in "Deleting" Status NextVMware Gateway Appliance(VGA) in Failed State as pf9-monasca-vcenter-exporter Service Fails to Start

Last updated 3 months ago

Good afternoon

hashtagProblem

hashtagEnvironment

hashtagCause

hashtagResolution

Problem

Environment

Cause

Resolution