I have figure out the problem -- apparently Firefox requires the Engine's CA to be imported into its Firefox's own CA store for websockets to work (normal HTTPS traffic appears to work just fine with Engine's CA in the global MacOS CA store).

On Fri, Nov 11, 2022 at 2:51 PM Alexandre Bezroutchko <abb@gremwell.com> wrote:
Hello,

I have deployed oVirt 4.5 on CentOS Stream 8 with self-hosted engine, in IPv6-only mode.
I am trying to use noVNC console, from Firefox on MacOS.
I have added engine's CA to the list of trusted CAs.

I have noticed the webproxy only listens on IPv4 by default, I have tried to add the following configuration file and it made it listed on both IPv4 and IPv6:

[root@mng41 ~]# cat /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/20-ipv6.conf
SOURCE_IS_IPV6=True

Is this correct approach or there is a better way? I guess this should be part of the setup process...

Anyway, it does not solve my issue. When I try to use noVNC console, I get the following error in the Firefox javascript console:


I also get the following message:

Firefox can’t establish a connection to the server at wss://mng41.gremwell.com:6100/ey...

I have checked that the port is open and I see some traffic flowing between the browser and that port.

In /var/log/ovirt-engine/engine.log I see:

2022-11-11 14:32:57,652+01 INFO  [org.ovirt.engine.core.bll.SetVmTicketCommand] (default task-11) [2d6aa0eb] Running command: SetVmTicketCommand internal: false. Entities affected :  ID: 7fb95436-da52-421a-a733-503181429929 Type: VMAction group CONNECT_TO_VM with role type USER
2022-11-11 14:32:57,657+01 INFO  [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand] (default task-11) [2d6aa0eb] START, SetVmTicketVDSCommand(HostName = elon41.gremwell.com, SetVmTicketVDSCommandParameters:{hostId='f63b9132-fb54-4c24-b5b3-240c0a1896f9', vmId='7fb95436-da52-421a-a733-503181429929', protocol='VNC', ticket='47kRPdus', validTime='120', userName='admin', userId='af04127c-60d7-11ed-8ad9-00163e63cf1d', disconnectAction='LOCK_SCREEN', consoleDisconnectActionDelay='0'}), log id: 27745778
2022-11-11 14:32:57,688+01 INFO  [org.ovirt.engine.core.vdsbroker.vdsbroker.SetVmTicketVDSCommand] (default task-11) [2d6aa0eb] FINISH, SetVmTicketVDSCommand, return: , log id: 27745778
2022-11-11 14:32:57,716+01 INFO  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-11) [2d6aa0eb] EVENT_ID: VM_SET_TICKET(164), User admin@internal-authz initiated console session for VM test
2022-11-11 14:32:57,947+01 INFO  [org.ovirt.engine.core.utils.servlet.ServletUtils] (default task-11) [] Can't read file '/usr/share/ovirt-engine/files/novnc/vendor/promise.js' for request '/ovirt-engine/services/files/novnc/vendor/promise.js' -- 404

Any ideas how to have this fixed?

Best regards,
Alex