Hi Louis,
can you install a fresh browser and try to open the Engine's web interface.
Do you see a certificate warning or it just opens.
I'm asking for a fresh browser because some browsers can accept certificates that
while the other apps on the system do not accept (certificate is not in the windows cert
store).
Also, how did you configure the noVNC ?
Best Regards,
Strahil Nikolov
На 28 май 2020 г. 19:17:09 GMT+03:00, Louis Bohm <louisbohm(a)gmail.com> написа:
>Do not have Ncat on my windows vm but I can telnet to port 6100 on the
>engine from both my windows vm and my MAC.
>
>Louis
>-<<—->>-
>Louis Bohm
>louisbohm(a)gmail.com
>
><https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>
><https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>
>
>> On May 28, 2020, at 12:03 PM, Strahil Nikolov <hunter86_bg(a)yahoo.com>
>wrote:
>>
>> Are you in the same network segment as the Engine ?
>> Maybe there is a firewall preventing you to reach port 6100/tcp .
>> What is the output from ncat -v engine-FQDN 6100
>>
>> Best Regards,
>> Strahil Nikolov
>>
>> На 27 май 2020 г. 18:48:31 GMT+03:00, Louis Bohm <louisbohm(a)gmail.com
><mailto:louisbohm@gmail.com>> написа:
>>> I am running MAC OS X but I was able to import the CA Cert and I can
>>> see it in my Keychain. However, when I try to bring up the console
>I
>>> get:
>>> Can't connect to websocket proxy server
>>> wss://lfg-kvm.corp.lfg.com:6100 <wss://lfg-kvm.corp.lfg.com:6100/>.
>Please check that:
>>> websocket proxy service is running,
>>> firewalls are properly set,
>>> websocket proxy certificate is trusted by your browser. Default CA
>>> certificate
>>>
><https://lfg-kvm.corp.lfgardens.com/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA
><https://lfg-kvm.corp.lfgardens.com/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA>>.
>>>
>>>
>>> Louis
>>> -<<—->>-
>>> Louis Bohm
>>> louisbohm(a)gmail.com <mailto:louisbohm@gmail.com>
>>>
>>>
><https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url
><https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>>
>>>
><https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url
><https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>>
>>>
>>>> On May 27, 2020, at 11:01 AM, Scott Dickerson <sdickers(a)redhat.com
><mailto:sdickers@redhat.com>>
>>> wrote:
>>>>
>>>>
>>>> On Wed, May 27, 2020 at 7:42 AM Louis Bohm <louisbohm(a)gmail.com
><mailto:louisbohm@gmail.com>
>>> <mailto:louisbohm@gmail.com <mailto:louisbohm@gmail.com>>>
wrote:
>>>> OS: Oracle Linux 7.8 (unbreakable kernel)
>>>> Using Oracle Linux Virtualization Manager: Software
>>> Version:4.3.6.6-1.0.9.el7
>>>>
>>>> Since I am running all of it on one physical machine I opted to
>>> install the ovirt-engine using the accept defaults option.
>>>>
>>>> When I try to start a noVNC console I see this in the messages
>file:
>>>> May 26 16:49:12 lfg-kvm saslpasswd2: Could not find keytab file:
>>> /etc/qemu/krb5.tab: No such file or directory
>>>> May 26 16:49:12 lfg-kvm saslpasswd2: error deleting entry from
>>> sasldb: BDB0073 DB_NOTFOUND: No matching key/data pair found
>>>> May 26 16:49:12 lfg-kvm saslpasswd2: error deleting entry from
>>> sasldb: BDB0073 DB_NOTFOUND: No matching key/data pair found
>>>> May 26 16:49:12 lfg-kvm saslpasswd2: error deleting entry from
>>> sasldb: BDB0073 DB_NOTFOUND: No matching key/data pair found
>>>> May 26 16:49:12 lfg-kvm saslpasswd2: error deleting entry from
>>> sasldb: BDB0073 DB_NOTFOUND: No matching key/data pair found
>>>> May 26 16:49:14 lfg-kvm journal: 2020-05-26 16:49:14,704-0400
>>> ovirt-websocket-proxy: INFO msg:824 handler exception: [SSL:
>>> SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown
>>> (_ssl.c:618)
>>>> May 26 16:49:14 lfg-kvm ovirt-websocket-proxy.py:
>>> ovirt-websocket-proxy[14582] INFO msg:824 handler exception: [SSL:
>>> SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown
>>> (_ssl.c:618)
>>>>
>>>> I have checked the following:
>>>> [root@lfg-kvm ~]# engine-config -g WebSocketProxy
>>>> WebSocketProxy: lfg-kvm.corp.lfg.com:6100
><http://lfg-kvm.corp.lfg.com:6100/>
>>> <
http://lfg-kvm.corp.lfg.com:6100/
><http://lfg-kvm.corp.lfg.com:6100/>> version: general
>>>> [root@lfg-kvm ~]# engine-config -g SpiceProxyDefault
>>>> SpiceProxyDefault:
http://lfg-kvm.corp.lfg.com:6100
><http://lfg-kvm.corp.lfg.com:6100/>
>>> <
http://lfg-kvm.corp.lfg.com:6100/
><http://lfg-kvm.corp.lfg.com:6100/>> version: general
>>>>
>>>> This is a brand new install.
>>>>
>>>> I also am unable to get a VNC console up and running. I have tried
>>> with an Ubuntu VM running on my MAC where I installed virt-manager.
>>> The viewer comes up for a second says it cannot connect and then
>>> shutsdown.
>>>>
>>>>
>>>> If you're only using noVNC, then you need to make sure you import
>the
>>> CA Cert and trust it in your browser. There is no way to
>interactively
>>> accept the self-signed cert from the engine when noVNC connects via
>the
>>> websocket proxy.
>>>>
>>>> Anyone have any clue?
>>>> -<<—->>-
>>>> Louis Bohm
>>>> louisbohm(a)gmail.com <mailto:louisbohm@gmail.com>
><mailto:louisbohm@gmail.com <mailto:louisbohm@gmail.com>>
>>>>
>>>
><https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url
><https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>>
>>>
><https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url
><https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>>
>>>> _______________________________________________
>>>> Users mailing list -- users(a)ovirt.org <mailto:users@ovirt.org>
><mailto:users@ovirt.org <mailto:users@ovirt.org>>
>>>> To unsubscribe send an email to users-leave(a)ovirt.org
><mailto:users-leave@ovirt.org>
>>> <mailto:users-leave@ovirt.org <mailto:users-leave@ovirt.org>>
>>>> Privacy Statement:
https://www.ovirt.org/privacy-policy.html
><https://www.ovirt.org/privacy-policy.html>
>>> <
https://www.ovirt.org/privacy-policy.html
><https://www.ovirt.org/privacy-policy.html>>
>>>> oVirt Code of Conduct:
>>>
https://www.ovirt.org/community/about/community-guidelines/
><https://www.ovirt.org/community/about/community-guidelines/>
>>> <
https://www.ovirt.org/community/about/community-guidelines/
><https://www.ovirt.org/community/about/community-guidelines/>>
>>>> List Archives:
>>>
>https://lists.ovirt.org/archives/list/users@ovirt.org/message/U66GSTI4QJSGPM6LUVF2WC2UW5JQCNCX/
><https://lists.ovirt.org/archives/list/users@ovirt.org/message/U66GSTI4QJSGPM6LUVF2WC2UW5JQCNCX/>
>>>
><https://lists.ovirt.org/archives/list/users@ovirt.org/message/U66GSTI4QJSGPM6LUVF2WC2UW5JQCNCX/
><https://lists.ovirt.org/archives/list/users@ovirt.org/message/U66GSTI4QJSGPM6LUVF2WC2UW5JQCNCX/>>
>>>>
>>>>
>>>> --
>>>> Scott Dickerson
>>>> Senior Software Engineer
>>>> RHV-M Engineering - UX Team
>>>> Red Hat, Inc