Do not have Ncat on my windows vm but I can telnet to port 6100 on the engine from both my windows vm and my MAC. Louis -<<—->>- Louis Bohm louisbohm@gmail.com <https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url> <https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>
On May 28, 2020, at 12:03 PM, Strahil Nikolov <hunter86_bg@yahoo.com> wrote:
Are you in the same network segment as the Engine ? Maybe there is a firewall preventing you to reach port 6100/tcp . What is the output from ncat -v engine-FQDN 6100
Best Regards, Strahil Nikolov
На 27 май 2020 г. 18:48:31 GMT+03:00, Louis Bohm <louisbohm@gmail.com <mailto:louisbohm@gmail.com>> написа:
I am running MAC OS X but I was able to import the CA Cert and I can see it in my Keychain. However, when I try to bring up the console I get: Can't connect to websocket proxy server wss://lfg-kvm.corp.lfg.com:6100 <wss://lfg-kvm.corp.lfg.com:6100/>. Please check that: websocket proxy service is running, firewalls are properly set, websocket proxy certificate is trusted by your browser. Default CA certificate <https://lfg-kvm.corp.lfgardens.com/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA <https://lfg-kvm.corp.lfgardens.com/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA>>.
Louis -<<—->>- Louis Bohm louisbohm@gmail.com <mailto:louisbohm@gmail.com>
<https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/publ... <https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>> <https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/publ... <https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>>
On May 27, 2020, at 11:01 AM, Scott Dickerson <sdickers@redhat.com <mailto:sdickers@redhat.com>> wrote:
On Wed, May 27, 2020 at 7:42 AM Louis Bohm <louisbohm@gmail.com <mailto:louisbohm@gmail.com> <mailto:louisbohm@gmail.com <mailto:louisbohm@gmail.com>>> wrote: OS: Oracle Linux 7.8 (unbreakable kernel) Using Oracle Linux Virtualization Manager: Software Version:4.3.6.6-1.0.9.el7
Since I am running all of it on one physical machine I opted to install the ovirt-engine using the accept defaults option.
When I try to start a noVNC console I see this in the messages file: May 26 16:49:12 lfg-kvm saslpasswd2: Could not find keytab file: /etc/qemu/krb5.tab: No such file or directory May 26 16:49:12 lfg-kvm saslpasswd2: error deleting entry from sasldb: BDB0073 DB_NOTFOUND: No matching key/data pair found May 26 16:49:12 lfg-kvm saslpasswd2: error deleting entry from sasldb: BDB0073 DB_NOTFOUND: No matching key/data pair found May 26 16:49:12 lfg-kvm saslpasswd2: error deleting entry from sasldb: BDB0073 DB_NOTFOUND: No matching key/data pair found May 26 16:49:12 lfg-kvm saslpasswd2: error deleting entry from sasldb: BDB0073 DB_NOTFOUND: No matching key/data pair found May 26 16:49:14 lfg-kvm journal: 2020-05-26 16:49:14,704-0400 ovirt-websocket-proxy: INFO msg:824 handler exception: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:618) May 26 16:49:14 lfg-kvm ovirt-websocket-proxy.py: ovirt-websocket-proxy[14582] INFO msg:824 handler exception: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:618)
I have checked the following: [root@lfg-kvm ~]# engine-config -g WebSocketProxy WebSocketProxy: lfg-kvm.corp.lfg.com:6100 <http://lfg-kvm.corp.lfg.com:6100/> <http://lfg-kvm.corp.lfg.com:6100/ <http://lfg-kvm.corp.lfg.com:6100/>> version: general [root@lfg-kvm ~]# engine-config -g SpiceProxyDefault SpiceProxyDefault: http://lfg-kvm.corp.lfg.com:6100 <http://lfg-kvm.corp.lfg.com:6100/> <http://lfg-kvm.corp.lfg.com:6100/ <http://lfg-kvm.corp.lfg.com:6100/>> version: general
This is a brand new install.
I also am unable to get a VNC console up and running. I have tried with an Ubuntu VM running on my MAC where I installed virt-manager. The viewer comes up for a second says it cannot connect and then shutsdown.
If you're only using noVNC, then you need to make sure you import the CA Cert and trust it in your browser. There is no way to interactively accept the self-signed cert from the engine when noVNC connects via the websocket proxy.
Anyone have any clue? -<<—->>- Louis Bohm louisbohm@gmail.com <mailto:louisbohm@gmail.com> <mailto:louisbohm@gmail.com <mailto:louisbohm@gmail.com>>
<https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/publ... <https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>> <https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/publ... <https://www.youracclaim.com/badges/f11e0d65-21ad-4458-895b-2c5b5cb11134/public_url>>
_______________________________________________ Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> <mailto:users@ovirt.org <mailto:users@ovirt.org>> To unsubscribe send an email to users-leave@ovirt.org <mailto:users-leave@ovirt.org> <mailto:users-leave@ovirt.org <mailto:users-leave@ovirt.org>> Privacy Statement: https://www.ovirt.org/privacy-policy.html <https://www.ovirt.org/privacy-policy.html> <https://www.ovirt.org/privacy-policy.html <https://www.ovirt.org/privacy-policy.html>> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ <https://www.ovirt.org/community/about/community-guidelines/> <https://www.ovirt.org/community/about/community-guidelines/ <https://www.ovirt.org/community/about/community-guidelines/>> List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/U66GSTI4QJSGPM... <https://lists.ovirt.org/archives/list/users@ovirt.org/message/U66GSTI4QJSGPM6LUVF2WC2UW5JQCNCX/> <https://lists.ovirt.org/archives/list/users@ovirt.org/message/U66GSTI4QJSGPM... <https://lists.ovirt.org/archives/list/users@ovirt.org/message/U66GSTI4QJSGPM6LUVF2WC2UW5JQCNCX/>>
-- Scott Dickerson Senior Software Engineer RHV-M Engineering - UX Team Red Hat, Inc
