Re: [ovirt-users] Unable to run noVNC console un recent browsers

From: "Darrell Budic" <budic(a)onholyground.com&gt; To: "Simone Tiraboschi" <stirabos(a)redhat.com&gt; Cc: "users" <users(a)ovirt.org&gt; Sent: Friday, February 20, 2015 5:57:10 PM Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers I had some trouble with self signed certs in firefox when they switch to the new pkix stuff recently, have you tried setting security.use_mozillapkix_verification to false?

> On Feb 20, 2015, at 8:56 AM, Simone Tiraboschi <stirabos(a)redhat.com&gt; wrote: > > > > ----- Original Message ----- >> From: "Donny Davis" <donny(a)cloudspin.me&gt; >> To: "Simone Tiraboschi" <stirabos(a)redhat.com&gt; >> Cc: users(a)ovirt.org >> Sent: Friday, February 20, 2015 3:53:04 PM >> Subject: RE: [ovirt-users] Unable to run noVNC console un recent browsers >> >> No, I made my life easy and used nginx to proxy for the websocket. I was >> then >> able to use my commercial ssl cert to avoid all of these issues. Using a >> proxy for a proxy has been working out quite well for cloudspin, because I >> don't have to mess with anything internal to the engine and noVNC works >> without issue. > > Yes, using the oVirt internal CA is just the low-profile out of the box > solution. > >> DonnyD >> >> -----Original Message----- >> From: Simone Tiraboschi [mailto:stirabos@redhat.com] >> Sent: Friday, February 20, 2015 7:03 AM >> To: Donny Davis >> Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers >> >> >> >> ----- Original Message ----- >>> From: "Donny Davis" <donny(a)cloudspin.me&gt; >>> To: "Simone Tiraboschi" <stirabos(a)redhat.com&gt; >>> Sent: Friday, February 20, 2015 2:23:56 PM >>> Subject: RE: [ovirt-users] Unable to run noVNC console un recent >>> browsers >>> >>> Is your websocket proxy on the same machine as your engine. I also get >>> the CA error when the time it off. The proxy throws the error to >>> /var/log/messages >> >> Hi Donny, >> I'm using the proxy on the same machine where the engine runs. >> No error till now no my side. >> >> I also trusted oVirt internal CA to sign other certs in my browser. Did >> you? >> You can find it at https://{engine}/ca.crt >> >> You should download it and add to the list of trusted certification >> authorities in your browser. >> >>> -----Original Message----- >>> From: users-bounces(a)ovirt.org [mailto:users-bounces@ovirt.org] On >>> Behalf Of Simone Tiraboschi >>> Sent: Friday, February 20, 2015 5:57 AM >>> To: Stefano Danzi >>> Cc: users(a)ovirt.org >>> Subject: Re: [ovirt-users] Unable to run noVNC console un recent >>> browsers >>> >>> >>> >>> ----- Original Message ----- >>>> From: "Stefano Danzi" <s.danzi(a)hawai.it&gt; >>>> To: "Darrell Budic" <budic(a)onholyground.com&gt; >>>> Cc: users(a)ovirt.org >>>> Sent: Friday, February 20, 2015 9:07:51 AM >>>> Subject: Re: [ovirt-users] Unable to run noVNC console un recent >>>> browsers >>>> >>>> Hello! >>>> Already done but this didn't help. >>>> >>>> I downloaded a portable version of Firefox 17 and noVNC work as >>>> expected. >>>> >>>> Il 20/02/2015 5.18, Darrell Budic ha scritto: >>>> >>>> >>>> >>>> Try reimporting the ca.cert for noVNC by connecting directly to the >>>> webproxy address at port 6100. Do this by trying to connect to a >>>> console and then, once the 1006 error shows up, just strip off >>>> everything after :6100/ . I've found that somewhere in or after 3.5, >>>> restarting the webproxy causes it to generate its own new ca.cert >>>> even >>> through it shouldn't. >>>> >>>> -Darrell >>>> >>>> >>>> >>>> On Feb 19, 2015, at 4:09 PM, Stefano Danzi <s.danzi(a)hawai.it&gt; wrote: >>>> >>>> Hello, >>>> >>>> I can't make work noVNC console on recent browsers (Chrome 40, >>>> Firefox >>>> 35 and IE 11). >>>> >>>> The error that I have is already explained here: >>>> https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried >>>> to change websocket like suggested ( >>>> http://errata.univention.de/ucs/3.2/31.html ) but this not helped. >>> >>> noVNC 0.5.1 should be soon released in EPEL6/EPEL7 as for [1]. >>> noVNC 0.5.1 should also improve compatibility with recent browsers. >>> >>> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1193454#c3 >>> >>> >>>> Someone know a workaround? >>>> _______________________________________________ >>>> Users mailing list Users(a)ovirt.org >>>> http://lists.ovirt.org/mailman/listinfo/users >>>> >>>> >>>> _______________________________________________ >>>> Users mailing list >>>> Users(a)ovirt.org >>>> http://lists.ovirt.org/mailman/listinfo/users >>>> >>> _______________________________________________ >>> Users mailing list >>> Users(a)ovirt.org >>> http://lists.ovirt.org/mailman/listinfo/users >>> >>> >> >> > _______________________________________________ > Users mailing list > Users(a)ovirt.org > http://lists.ovirt.org/mailman/listinfo/users