ovirt 4.3.8.2-1.el7 gtk-vnc2-1.0.0-1.fc31.x86_64 remote-viewer version 8.0-3.fc31 can't open vm console by remote-viewer vm has vnc console protocol when click on console button to connect to a vm, the remote-viewer console disappear immediately remote-viewer debug in attachment
On Wed, Mar 25, 2020 at 12:45 PM David David <dd432690@gmail.com> wrote:
ovirt 4.3.8.2-1.el7 gtk-vnc2-1.0.0-1.fc31.x86_64 remote-viewer version 8.0-3.fc31
can't open vm console by remote-viewer vm has vnc console protocol when click on console button to connect to a vm, the remote-viewer console disappear immediately
remote-viewer debug in attachment
You an issue with the certificates: (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.238: ../src/vncconnection.c Set credential 2 libvirt (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /etc/pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /root/.pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided, using GNUTLS global trust (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacrl.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/private/clientkey.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/clientcert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Waiting for missing credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Got all credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided; trying the system trust store instead (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c Using the system trust store and CRL (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No client cert or key provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No CA revocation list provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.241: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.243: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.251: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Handshake done (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Validating (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.301: ../src/vncconnection.c Error: The certificate is not trusted Adding people that may know more about this. Nir
copied from qemu server all certs except "cacrl" to my desktop-station into /etc/pki/ but remote-viewer is still didn't work 2020-03-26 2:22 GMT+04:00, Nir Soffer <nsoffer@redhat.com>:
On Wed, Mar 25, 2020 at 12:45 PM David David <dd432690@gmail.com> wrote:
ovirt 4.3.8.2-1.el7 gtk-vnc2-1.0.0-1.fc31.x86_64 remote-viewer version 8.0-3.fc31
can't open vm console by remote-viewer vm has vnc console protocol when click on console button to connect to a vm, the remote-viewer console disappear immediately
remote-viewer debug in attachment
You an issue with the certificates:
(remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.238: ../src/vncconnection.c Set credential 2 libvirt (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /etc/pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /root/.pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided, using GNUTLS global trust (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacrl.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/private/clientkey.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/clientcert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Waiting for missing credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Got all credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided; trying the system trust store instead (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c Using the system trust store and CRL (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No client cert or key provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No CA revocation list provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.241: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.243: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.251: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Handshake done (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Validating (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.301: ../src/vncconnection.c Error: The certificate is not trusted
Adding people that may know more about this.
Nir
David David <dd432690@gmail.com> writes:
copied from qemu server all certs except "cacrl" to my desktop-station into /etc/pki/
This is not needed, the CA certificate is included in console.vv and no other certificate should be needed.
but remote-viewer is still didn't work
The log looks like remote-viewer is attempting certificate authentication rather than password authentication. Do you have password in console.vv? It should look like: [virt-viewer] type=vnc host=192.168.122.2 port=5900 password=fxLazJu6BUmL # Password is valid for 120 seconds. ... Regards, Milan
2020-03-26 2:22 GMT+04:00, Nir Soffer <nsoffer@redhat.com>:
On Wed, Mar 25, 2020 at 12:45 PM David David <dd432690@gmail.com> wrote:
ovirt 4.3.8.2-1.el7 gtk-vnc2-1.0.0-1.fc31.x86_64 remote-viewer version 8.0-3.fc31
can't open vm console by remote-viewer vm has vnc console protocol when click on console button to connect to a vm, the remote-viewer console disappear immediately
remote-viewer debug in attachment
You an issue with the certificates:
(remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.238: ../src/vncconnection.c Set credential 2 libvirt (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /etc/pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /root/.pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided, using GNUTLS global trust (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacrl.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/private/clientkey.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/clientcert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Waiting for missing credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Got all credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided; trying the system trust store instead (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c Using the system trust store and CRL (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No client cert or key provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No CA revocation list provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.241: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.243: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.251: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Handshake done (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Validating (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.301: ../src/vncconnection.c Error: The certificate is not trusted
Adding people that may know more about this.
Nir
yes i have console.vv attached 2020-03-26 21:38 GMT+04:00, Milan Zamazal <mzamazal@redhat.com>:
David David <dd432690@gmail.com> writes:
copied from qemu server all certs except "cacrl" to my desktop-station into /etc/pki/
This is not needed, the CA certificate is included in console.vv and no other certificate should be needed.
but remote-viewer is still didn't work
The log looks like remote-viewer is attempting certificate authentication rather than password authentication. Do you have password in console.vv? It should look like:
[virt-viewer] type=vnc host=192.168.122.2 port=5900 password=fxLazJu6BUmL # Password is valid for 120 seconds. ...
Regards, Milan
2020-03-26 2:22 GMT+04:00, Nir Soffer <nsoffer@redhat.com>:
On Wed, Mar 25, 2020 at 12:45 PM David David <dd432690@gmail.com> wrote:
ovirt 4.3.8.2-1.el7 gtk-vnc2-1.0.0-1.fc31.x86_64 remote-viewer version 8.0-3.fc31
can't open vm console by remote-viewer vm has vnc console protocol when click on console button to connect to a vm, the remote-viewer console disappear immediately
remote-viewer debug in attachment
You an issue with the certificates:
(remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.238: ../src/vncconnection.c Set credential 2 libvirt (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /etc/pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /root/.pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided, using GNUTLS global trust (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacrl.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/private/clientkey.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/clientcert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Waiting for missing credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Got all credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided; trying the system trust store instead (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c Using the system trust store and CRL (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No client cert or key provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No CA revocation list provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.241: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.243: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.251: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Handshake done (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Validating (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.301: ../src/vncconnection.c Error: The certificate is not trusted
Adding people that may know more about this.
Nir
David David <dd432690@gmail.com> writes:
yes i have console.vv attached
It looks the same as mine. There is a difference in our logs, you have Possible auth 19 while I have Possible auth 2 So I still suspect a wrong authentication method is used, but I don't have any idea why. Regards, Milan
2020-03-26 21:38 GMT+04:00, Milan Zamazal <mzamazal@redhat.com>:
David David <dd432690@gmail.com> writes:
copied from qemu server all certs except "cacrl" to my desktop-station into /etc/pki/
This is not needed, the CA certificate is included in console.vv and no other certificate should be needed.
but remote-viewer is still didn't work
The log looks like remote-viewer is attempting certificate authentication rather than password authentication. Do you have password in console.vv? It should look like:
[virt-viewer] type=vnc host=192.168.122.2 port=5900 password=fxLazJu6BUmL # Password is valid for 120 seconds. ...
Regards, Milan
2020-03-26 2:22 GMT+04:00, Nir Soffer <nsoffer@redhat.com>:
On Wed, Mar 25, 2020 at 12:45 PM David David <dd432690@gmail.com> wrote:
ovirt 4.3.8.2-1.el7 gtk-vnc2-1.0.0-1.fc31.x86_64 remote-viewer version 8.0-3.fc31
can't open vm console by remote-viewer vm has vnc console protocol when click on console button to connect to a vm, the remote-viewer console disappear immediately
remote-viewer debug in attachment
You an issue with the certificates:
(remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.238: ../src/vncconnection.c Set credential 2 libvirt (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /etc/pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /root/.pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided, using GNUTLS global trust (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacrl.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/private/clientkey.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/clientcert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Waiting for missing credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Got all credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided; trying the system trust store instead (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c Using the system trust store and CRL (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No client cert or key provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No CA revocation list provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.241: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.243: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.251: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Handshake done (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Validating (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.301: ../src/vncconnection.c Error: The certificate is not trusted
Adding people that may know more about this.
Nir
here is debug from opening console.vv by remote-viewer 2020-03-27 14:09 GMT+04:00, Milan Zamazal <mzamazal@redhat.com>:
David David <dd432690@gmail.com> writes:
yes i have console.vv attached
It looks the same as mine.
There is a difference in our logs, you have
Possible auth 19
while I have
Possible auth 2
So I still suspect a wrong authentication method is used, but I don't have any idea why.
Regards, Milan
2020-03-26 21:38 GMT+04:00, Milan Zamazal <mzamazal@redhat.com>:
David David <dd432690@gmail.com> writes:
copied from qemu server all certs except "cacrl" to my desktop-station into /etc/pki/
This is not needed, the CA certificate is included in console.vv and no other certificate should be needed.
but remote-viewer is still didn't work
The log looks like remote-viewer is attempting certificate authentication rather than password authentication. Do you have password in console.vv? It should look like:
[virt-viewer] type=vnc host=192.168.122.2 port=5900 password=fxLazJu6BUmL # Password is valid for 120 seconds. ...
Regards, Milan
2020-03-26 2:22 GMT+04:00, Nir Soffer <nsoffer@redhat.com>:
On Wed, Mar 25, 2020 at 12:45 PM David David <dd432690@gmail.com> wrote:
ovirt 4.3.8.2-1.el7 gtk-vnc2-1.0.0-1.fc31.x86_64 remote-viewer version 8.0-3.fc31
can't open vm console by remote-viewer vm has vnc console protocol when click on console button to connect to a vm, the remote-viewer console disappear immediately
remote-viewer debug in attachment
You an issue with the certificates:
(remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.238: ../src/vncconnection.c Set credential 2 libvirt (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /etc/pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /root/.pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided, using GNUTLS global trust (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacrl.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/private/clientkey.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/clientcert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Waiting for missing credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Got all credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided; trying the system trust store instead (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c Using the system trust store and CRL (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No client cert or key provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No CA revocation list provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.241: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.243: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.251: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Handshake done (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Validating (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.301: ../src/vncconnection.c Error: The certificate is not trusted
Adding people that may know more about this.
Nir
On March 27, 2020 12:23:10 PM GMT+02:00, David David <dd432690@gmail.com> wrote:
here is debug from opening console.vv by remote-viewer
2020-03-27 14:09 GMT+04:00, Milan Zamazal <mzamazal@redhat.com>:
David David <dd432690@gmail.com> writes:
yes i have console.vv attached
It looks the same as mine.
There is a difference in our logs, you have
Possible auth 19
while I have
Possible auth 2
So I still suspect a wrong authentication method is used, but I don't have any idea why.
Regards, Milan
2020-03-26 21:38 GMT+04:00, Milan Zamazal <mzamazal@redhat.com>:
David David <dd432690@gmail.com> writes:
copied from qemu server all certs except "cacrl" to my desktop-station into /etc/pki/
This is not needed, the CA certificate is included in console.vv and no other certificate should be needed.
but remote-viewer is still didn't work
The log looks like remote-viewer is attempting certificate authentication rather than password authentication. Do you have password in console.vv? It should look like:
[virt-viewer] type=vnc host=192.168.122.2 port=5900 password=fxLazJu6BUmL # Password is valid for 120 seconds. ...
Regards, Milan
2020-03-26 2:22 GMT+04:00, Nir Soffer <nsoffer@redhat.com>:
On Wed, Mar 25, 2020 at 12:45 PM David David <dd432690@gmail.com> wrote: > > ovirt 4.3.8.2-1.el7 > gtk-vnc2-1.0.0-1.fc31.x86_64 > remote-viewer version 8.0-3.fc31 > > can't open vm console by remote-viewer > vm has vnc console protocol > when click on console button to connect to a vm, the remote-viewer > console disappear immediately > > remote-viewer debug in attachment
You an issue with the certificates:
(remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.238: ../src/vncconnection.c Set credential 2 libvirt (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /etc/pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Searching for certs in /root/.pki (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided, using GNUTLS global trust (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate CA/cacrl.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/private/clientkey.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Failed to find certificate libvirt/clientcert.pem (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Waiting for missing credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c Got all credentials (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: ../src/vncconnection.c No CA certificate provided; trying the system trust store instead (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c Using the system trust store and CRL (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No client cert or key provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: ../src/vncconnection.c No CA revocation list provided (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.241: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.243: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.251: ../src/vncconnection.c Handshake was blocking (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Handshake done (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: ../src/vncconnection.c Validating (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.301: ../src/vncconnection.c Error: The certificate is not trusted
Adding people that may know more about this.
Nir
Hello, You can try to take the engine's CA (maybe it's useless) and put it on your system in: /etc/pki/ca-trust/source/anchors (if it's EL7 or a Fedora) and then run update-ca-trust Best Regards, Strahil Nikolov
participants (4)
-
David David -
Milan Zamazal -
Nir Soffer -
Strahil Nikolov