[ovirt-users] Unable to use the SPICE HTML5 tool
Gianluca Cecchi
gianluca.cecchi at gmail.com
Thu Jun 11 10:16:26 UTC 2015
On Thu, Jun 11, 2015 at 11:57 AM, <nicolas at devels.es> wrote:
> El 2015-06-11 08:55, Simone Tiraboschi escribió:
>
>>
>>
> Indeed, checking the Javascript console I discovered where the culprit is.
> This ovirt engine machine had formerly a FQDN that was changed afterwards
> (I used the .../setup/bin/ovirt-engine-rename script), so at installation
> time, SSL certs were issued for that FQDN. The ovirt-engine-rename script
> regenerated the engine certs, but seems that it didn't do the work for the
> websocket proxy, so the old FQDN cert is still used and a connection cannot
> be established with the daemon (logically, due to the mismatch). I can't
> find any documentation on how to regenerate the websocket proxy cert,
> though. Is there some script for that, or at least some manual way to
> accomplish it?
>
> Thanks for your help.
>
>
>
Based on an environment in 3.3.2 I solved a situation with webSocketProxy
Enabled only after original install + update thanks to Alon advises.
See full lthread here:
http://lists.ovirt.org/pipermail/users/2013-December/018554.html
Possibly it can apply to your environment too
You could do the following:
1. remove
In /etc/pki/ovirt-engine/keys/:
websocket-proxy.key.nopass
websocket-proxy.p12
In /etc/pki/ovirt-engine/certs/:
websocket-proxy.cer
2. run setup using:
# engine-setup --otopi-environment="OVESETUP_CONFIG/websocketProxyConfig=
bool:True"
and this should create websocket proxy certificates/keys in correct way....
Be sure to make backups and verify better, in particular it this is a
production environment.
HIH,
Gianluca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20150611/accb2ddc/attachment-0001.html>
More information about the Users
mailing list