What is the error in the browser? Can you connect to 443/tcp on the console proxy from your desktop?
Best regards, Kirk On 12/30/2012 11:10 AM, Robert Booth wrote: > Thanks Kirk, > > Yes that did it. My domain name is now updated but I still feel no love > with the console proxy. The URL has been updated and everything is > resolving correctly but I still can't connect via the remote console. > I used a self-signed CA and server cert so I'm wondering if that is my > problem. I'm going to keep digging and what I'm missing. My guess is the > Root CA I created is not trusted in the system. > > As a side not for anyone trying to update the cert in the UI and getting an > error the it's an invalid cert I did the following. > > 1. Created CA private key > - openssl genrsa -des3 -out mydomain.priv.key 2048 * Remember password > you will need it > > 2. Created CA certificate request file > - openssl req -new -key mydomain.priv.key -out mydomain.req > > 3. Self-sign my CA request > - openssl x509 -req -days 7305 -sha1 -extfile /etc/ssl/openssl.cnf > -extensions v3_ca -signkey mydomain.priv.key -in mydomain.req -out > mydomain.crt > > 4. Created a server key > - openssl genrsa -out cloud.mydomain.priv.key 2048 > > 5. Generate Server certificate request file > - openssl req -new -key cloud.mydomain.priv.key -out cloud.mydomain.req > > 6. Sign my server request > - openssl x509 -req -days 7000 -sha1 -extfile /etc/ssl/openssl.cnf > -extensions v3_req -CA mydomain.crt -CAkey mydomain.priv.key > -CAcreateserial -in cloud.mydomain.req -out cloud.mydomain.crt > > *** This last step is what fixed my UI error on an invalid SSL key > 7. create a PKCS8 key file > - openssl pkcs8 -topk8 -in cloud.mydomain.priv.key -inform pem -out > cloud.mydomain.pkcs8.key -outform pem -nocrypt > > > In the UI put the contents of cloud.mydomain.crt into certificate field. > Put the contents on cloud.mydomain.pkcs8.key into the PKCS#8 Private Key > and finally put your domain name in. > > > > > On Sun, Dec 30, 2012 at 4:55 AM, Kirk Kosinski <kirkkosin...@gmail.com>wrote: > >> Hi, Rob. I don't know what that global setting is supposed to do. To >> update the domain, follow the procedure to update the SSL certificate >> (in UI, Infrastructure > Update SSL Certificate), which includes the >> option to update the domain. >> >> Best regards, >> Kirk >> >> On 12/29/2012 12:36 PM, Robert Booth wrote: >>> I'm trying to get the remote console view to work but I can't seem to get >>> past the realhostip.com url setting. >>> >>> I have a fresh install of CloudStack 4.0 on updated Ubuntu 12.04 >> management >>> server and host. I'm running KVM on the host. >>> >>> I've updated the consoleproxy.url.domain setting on the management server >>> to a valid external domain name and restarted my management server and no >>> luck. >>> >>> Things I've tried. >>> >>> Restarted the management server >>> >>> Restarted the agent service >>> >>> Removed all system vms and recreated them. >>> >>> Rebooted the management server and the host >>> >>> I still get the realhostip.com address when I try to console into a vm >> via >>> the UI. >>> >>> Any help would be great! >>> >>> Thanks, >>> Rob >>> >> >
