--Apple-Mail=_B6A1E7E5-D1C9-421D-BCC2-D0125D5DE1FB Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 That was it, thanks! -Darrell wrote: up after updating to 3.5.0. VNC is working if I make direct connections, = but it looks like the web socket proxy never tries to connect to the = host server. noVNC is just reporting then generic 1006 error. Firefox = reports it already has the right ca.crt installed, so it=E2=80=99s not = that. =46rom watching the network, it looks like it never gets = authenticated properly to the web proxy, and never tries to connect on = from there. locating any in the usual log files when I try this=E2=80=A6 <http://lists.ovirt.org/mailman/listinfo/users> proprietary information of NetSuite Inc. and is for the sole use of the = intended recipient for the stated purpose. Any improper use or = distribution is prohibited. If you are not the intended recipient, = please notify the sender; do not review, copy or distribute; and = promptly delete or destroy all transmitted information. Please note that = all communications and information transmitted through this email system = may be monitored and retained by NetSuite or its agents and that all = incoming email is automatically scanned by a third party spam and = filtering service which may result in deletion of a legitimate e-mail = before it is read by the intended recipient. --Apple-Mail=_B6A1E7E5-D1C9-421D-BCC2-D0125D5DE1FB Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 <html><head><meta http-equiv=3D"Content-Type" content=3D"text/html = charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; = -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" = class=3D"">That was it, thanks!<div class=3D""><br class=3D""></div><div = class=3D"">&nbsp; -Darrell</div><div class=3D""><br = class=3D""><div><blockquote type=3D"cite" class=3D""><div class=3D"">On = Nov 14, 2014, at 7:09 AM, Finstrle, Ludek &lt;<a = href=3D"mailto:lfinstrle@netsuite.com" = class=3D&quot;&quot;&gt;lfinstrle(a)netsuite.com&lt;/a&gt;&amp;gt; wrote:</div><br = class=3D"Apple-interchange-newline"><div class=3D""><div class=3D""> <br class=3D""> Hi Darrel,<br class=3D""> <br class=3D""> have you accepted the certificate for the web socket proxy?<br = class=3D""> ( usually <a href=3D"https://&lt;your" target=3D"_blank" = class=3D"">https://&lt;your</a> engine&gt;:6100/ )<br class=3D""> <br class=3D""> Cheers,<br class=3D""> <br class=3D""> Luf<br class=3D""> <br class=3D""> Darrell Budic p=C3=AD=C5=A1e v =C4=8Ct 13. 11. 2014 v 14:25 -0600:<br = class=3D""> &gt; I had noVNC working under 3.4, but can=E2=80=99t seem to get it = back up after updating to 3.5.0. VNC is working if I make direct = connections, but it looks like the web socket proxy never tries to = connect to the host server. noVNC is just reporting then generic 1006 = error. Firefox reports it already has the right ca.crt installed, so = it=E2=80=99s not that. =46rom watching the network, it looks like it = never gets authenticated properly to the web proxy, and never tries to = connect on from there.<br class=3D""> &gt; <br class=3D""> &gt; Any way to get some debugging info for the web socket proxy? Not = locating any in the usual log files when I try this=E2=80=A6<br = class=3D""> &gt; <br class=3D""> &gt; Anyone else seeing a similar problem?<br class=3D""> &gt; <br class=3D""> &gt; -Darrell<br class=3D""> &gt; _______________________________________________<br class=3D""> &gt; Users mailing list<br class=3D""> &gt; <a href=3D"mailto:Users@ovirt.org" class=3D&quot;&quot;&gt;Users(a)ovirt.org&lt;/a&gt;&lt;br = class=3D""> &gt; <a href=3D"http://lists.ovirt.org/mailman/listinfo/users" = target=3D"_blank" = class=3D"">http://lists.ovirt.org/mailman/listinfo/users<... = class=3D""> <br class=3D""> <br class=3D""> <font size=3D"1" class=3D""> NOTICE: This email and any attachments may contain confidential and = proprietary information of NetSuite Inc. and is for the sole use of the = intended recipient for the stated purpose. Any improper use or = distribution is prohibited. If you are not the intended recipient, = please notify the sender; do not review, copy or distribute; and = promptly delete or destroy all transmitted information. Please note that = all communications and information transmitted through this email system = may be monitored and retained by NetSuite or its agents and that all = incoming email is automatically scanned by a third party spam and = filtering service which may result in deletion of a legitimate e-mail = before it is read by the intended recipient.</font> </div> </div></blockquote></div><br class=3D""></div></body></html>= --Apple-Mail=_B6A1E7E5-D1C9-421D-BCC2-D0125D5DE1FB--

That’s what I thought too, but... Firefox tells me “This certificate is already installed as a certificate authority.” though. It looks like the cert for :6100 is the proper one, too. Maybe a firefox change with their new signing rules (i’ve disabled security.use_mozillapkix_verification due to problems with other internal certs)? I tried removing all the old web site certs and still had to add the https://<engine>:6100 cert to get the noVNC console to connect.

----- Original Message ----- No, it's shouldn't and, as far as I know, it doesn't. Darrell, can you please check the certification path of that cert and when it was signed?