[Users] noVNC https certs

Alon Bar-Lev alonbl at redhat.com
Mon Jan 13 13:12:08 EST 2014



----- Original Message -----
> From: "Neil Schulz" <neil.schulz at neteasy.us>
> To: "Thomas Suckow" <thomas.suckow at pnnl.gov>, users at ovirt.org
> Sent: Monday, January 13, 2014 7:57:38 PM
> Subject: Re: [Users] noVNC https certs
> 
> Excellent, that's what I was looking for. I already tried going to
> http://<FQDN>/ca.crt, downloaded it, and installed it but still received
> the same error. I'm going to replace them for 3rd party ones.

It should not happen.

Which browser do you use? how did you mark the CA certificate within the browser?

> 
> Thank you for the help!
> 
> On 1/13/2014 12:54 PM, Thomas Suckow wrote:
> > On 01/13/2014 09:50 AM, Neil Schulz wrote:
> >> So, this is the only way to stop having to accept the cert?
> >>
> >> I'd have to tell all our clients to download and install that cert to
> >> their workstation?
> >>
> > No.
> >
> > You can replace the  Websocket Proxy certs referenced by
> > /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf
> >
> > The websocket proxy needs a combined certificate file with your cert and
> > the entire chain for SSL_CERTIFICATE
> >
> > SSL_KEY is just the unencrypted key, and it MUST be accessible by the
> > ovirt user.
> > _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> 
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
> 


More information about the Users mailing list