1:09 p.m.
David David <dd432690(a)gmail.com> writes:
yes i have
console.vv attached
It looks the same as mine.
There is a difference in our logs, you have
Possible auth 19
while I have
Possible auth 2
So I still suspect a wrong authentication method is used, but I don't
have any idea why.
Regards,
Milan
2020-03-26 21:38 GMT+04:00, Milan Zamazal
<mzamazal(a)redhat.com>:
> David David <dd432690(a)gmail.com> writes:
>
>> copied from qemu server all certs except "cacrl" to my desktop-station
>> into /etc/pki/
>
> This is not needed, the CA certificate is included in console.vv and no
> other certificate should be needed.
>
>> but remote-viewer is still didn't work
>
> The log looks like remote-viewer is attempting certificate
> authentication rather than password authentication. Do you have
> password in console.vv? It should look like:
>
> [virt-viewer]
> type=vnc
> host=192.168.122.2
> port=5900
> password=fxLazJu6BUmL
> # Password is valid for 120 seconds.
> ...
>
> Regards,
> Milan
>
>> 2020-03-26 2:22 GMT+04:00, Nir Soffer <nsoffer(a)redhat.com>:
>>> On Wed, Mar 25, 2020 at 12:45 PM David David <dd432690(a)gmail.com>
wrote:
>>>>
>>>> ovirt 4.3.8.2-1.el7
>>>> gtk-vnc2-1.0.0-1.fc31.x86_64
>>>> remote-viewer version 8.0-3.fc31
>>>>
>>>> can't open vm console by remote-viewer
>>>> vm has vnc console protocol
>>>> when click on console button to connect to a vm, the remote-viewer
>>>> console disappear immediately
>>>>
>>>> remote-viewer debug in attachment
>>>
>>> You an issue with the certificates:
>>>
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.238:
>>> ../src/vncconnection.c Set credential 2 libvirt
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239:
>>> ../src/vncconnection.c Searching for certs in /etc/pki
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239:
>>> ../src/vncconnection.c Searching for certs in /root/.pki
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239:
>>> ../src/vncconnection.c Failed to find certificate CA/cacert.pem
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239:
>>> ../src/vncconnection.c No CA certificate provided, using GNUTLS global
>>> trust
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239:
>>> ../src/vncconnection.c Failed to find certificate CA/cacrl.pem
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239:
>>> ../src/vncconnection.c Failed to find certificate
>>> libvirt/private/clientkey.pem
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239:
>>> ../src/vncconnection.c Failed to find certificate
>>> libvirt/clientcert.pem
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239:
>>> ../src/vncconnection.c Waiting for missing credentials
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239:
>>> ../src/vncconnection.c Got all credentials
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239:
>>> ../src/vncconnection.c No CA certificate provided; trying the system
>>> trust store instead
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240:
>>> ../src/vncconnection.c Using the system trust store and CRL
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240:
>>> ../src/vncconnection.c No client cert or key provided
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240:
>>> ../src/vncconnection.c No CA revocation list provided
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.241:
>>> ../src/vncconnection.c Handshake was blocking
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.243:
>>> ../src/vncconnection.c Handshake was blocking
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.251:
>>> ../src/vncconnection.c Handshake was blocking
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298:
>>> ../src/vncconnection.c Handshake done
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298:
>>> ../src/vncconnection.c Validating
>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.301:
>>> ../src/vncconnection.c Error: The certificate is not trusted
>>>
>>> Adding people that may know more about this.
>>>
>>> Nir
>>>
>>>
>
>