Re: [Users] noVNC https certs
Google Chrome.
I downloaded the ca.crt for the server. I went into Settings > Show
advance settings... > Manage Certificates... > Import
The cert appeared under the tabs. I closed and restarted my browser,
navigated back to the ovirt engine page, launched noVNC and received
Server disconnected (code: 1006)
On 1/13/2014 1:12 PM, Alon Bar-Lev wrote:
----- Original Message -----
> From: "Neil Schulz" <neil.schulz(a)neteasy.us>
> To: "Thomas Suckow" <thomas.suckow(a)pnnl.gov>, users(a)ovirt.org
> Sent: Monday, January 13, 2014 7:57:38 PM
> Subject: Re: [Users] noVNC https certs
>
> Excellent, that's what I was looking for. I already tried going to
> http://<FQDN>/ca.crt, downloaded it, and installed it but still received
> the same error. I'm going to replace them for 3rd party ones.
It should not happen.
Which browser do you use? how did you mark the CA certificate within the browser?
> Thank you for the help!
>
> On 1/13/2014 12:54 PM, Thomas Suckow wrote:
>> On 01/13/2014 09:50 AM, Neil Schulz wrote:
>>> So, this is the only way to stop having to accept the cert?
>>>
>>> I'd have to tell all our clients to download and install that cert to
>>> their workstation?
>>>
>> No.
>>
>> You can replace the Websocket Proxy certs referenced by
>> /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf
>>
>> The websocket proxy needs a combined certificate file with your cert and
>> the entire chain for SSL_CERTIFICATE
>>
>> SSL_KEY is just the unencrypted key, and it MUST be accessible by the
>> ovirt user.
>> _______________________________________________
>> Users mailing list
>> Users(a)ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>