Kirk, When I try to connect via the UI "View Console" link I get
This webpage is not available The webpage at *https://......my console server dns name......../ajax?token=Gt3DTg7XXUFOpQjQX1hY9tyik9hj-No8TbP2jveS5VNPdMaqHnAwasJJhHOkX0QSUFHPcWfTlT9dgbd5AUvKfr0knkdeS51Ghb4u6DzBkq8iwUipstcz4JG5FOCKPO4VtDW3tne4FRcqkhJWwOvCc9Tl0LYv9Q3qg50ssYG3mrg7BBYmV8iJy7VmNxPmMQ38jqIRk4N4gbB3HwHQcxi3TY3G9BwKVcFkY4i06X4sIG_fe4C1ugAnSAy0F94hekCV5wPaaGu4kWA * might be temporarily down or it may have moved permanently to a new web address. Error 501 (net::ERR_INSECURE_RESPONSE): Unknown error. Funny thing is when I hover over the "View Console" button the url shown in the browser status bar is http://CloudManagement:8080/client/#. Using the chrome developer tools I found the href tag is set to "#". -Rob On Sun, Dec 30, 2012 at 10:51 PM, Kirk Kosinski <kirkkosin...@gmail.com>wrote: > Opening a browser window directly to HTTPS on a console proxy will > normally give a 404 error. Try accessing a VM console through the > CloudStack UI (which should generate and use a valid URL to the console > proxy) and ignore the cert error to see what happens. > > Kirk > > On 12/30/2012 08:37 PM, Robert Booth wrote: > > Kirk, > > > > When I open a browser window directly to the console server I get an > > invalid certificate error. > > > > "This certificate was signed by an unknown authority" > > > > I need to get that correct but will that stop me in my tracks? > > > > When I click to ignore I get a 404 Not Found error message "No context > > found for request". > > > > -Rob > > > > > > On Sun, Dec 30, 2012 at 10:17 PM, Kirk Kosinski <kirkkosin...@gmail.com > >wrote: > > > >> What is the error in the browser? Can you connect to 443/tcp on the > >> console proxy from your desktop? > >> > >> Best regards, > >> Kirk > >> > >> On 12/30/2012 11:10 AM, Robert Booth wrote: > >>> Thanks Kirk, > >>> > >>> Yes that did it. My domain name is now updated but I still feel no love > >>> with the console proxy. The URL has been updated and everything is > >>> resolving correctly but I still can't connect via the remote console. > >>> I used a self-signed CA and server cert so I'm wondering if that is my > >>> problem. I'm going to keep digging and what I'm missing. My guess is > the > >>> Root CA I created is not trusted in the system. > >>> > >>> As a side not for anyone trying to update the cert in the UI and > getting > >> an > >>> error the it's an invalid cert I did the following. > >>> > >>> 1. Created CA private key > >>> - openssl genrsa -des3 -out mydomain.priv.key 2048 * Remember > password > >>> you will need it > >>> > >>> 2. Created CA certificate request file > >>> - openssl req -new -key mydomain.priv.key -out mydomain.req > >>> > >>> 3. Self-sign my CA request > >>> - openssl x509 -req -days 7305 -sha1 -extfile /etc/ssl/openssl.cnf > >>> -extensions v3_ca -signkey mydomain.priv.key -in mydomain.req -out > >>> mydomain.crt > >>> > >>> 4. Created a server key > >>> - openssl genrsa -out cloud.mydomain.priv.key 2048 > >>> > >>> 5. Generate Server certificate request file > >>> - openssl req -new -key cloud.mydomain.priv.key -out cloud.mydomain.req > >>> > >>> 6. Sign my server request > >>> - openssl x509 -req -days 7000 -sha1 -extfile /etc/ssl/openssl.cnf > >>> -extensions v3_req -CA mydomain.crt -CAkey mydomain.priv.key > >>> -CAcreateserial -in cloud.mydomain.req -out cloud.mydomain.crt > >>> > >>> *** This last step is what fixed my UI error on an invalid SSL key > >>> 7. create a PKCS8 key file > >>> - openssl pkcs8 -topk8 -in cloud.mydomain.priv.key -inform pem -out > >>> cloud.mydomain.pkcs8.key -outform pem -nocrypt > >>> > >>> > >>> In the UI put the contents of cloud.mydomain.crt into certificate > field. > >>> Put the contents on cloud.mydomain.pkcs8.key into the PKCS#8 Private > Key > >>> and finally put your domain name in. > >>> > >>> > >>> > >>> > >>> On Sun, Dec 30, 2012 at 4:55 AM, Kirk Kosinski <kirkkosin...@gmail.com > >>> wrote: > >>> > >>>> Hi, Rob. I don't know what that global setting is supposed to do. To > >>>> update the domain, follow the procedure to update the SSL certificate > >>>> (in UI, Infrastructure > Update SSL Certificate), which includes the > >>>> option to update the domain. > >>>> > >>>> Best regards, > >>>> Kirk > >>>> > >>>> On 12/29/2012 12:36 PM, Robert Booth wrote: > >>>>> I'm trying to get the remote console view to work but I can't seem to > >> get > >>>>> past the realhostip.com url setting. > >>>>> > >>>>> I have a fresh install of CloudStack 4.0 on updated Ubuntu 12.04 > >>>> management > >>>>> server and host. I'm running KVM on the host. > >>>>> > >>>>> I've updated the consoleproxy.url.domain setting on the management > >> server > >>>>> to a valid external domain name and restarted my management server > and > >> no > >>>>> luck. > >>>>> > >>>>> Things I've tried. > >>>>> > >>>>> Restarted the management server > >>>>> > >>>>> Restarted the agent service > >>>>> > >>>>> Removed all system vms and recreated them. > >>>>> > >>>>> Rebooted the management server and the host > >>>>> > >>>>> I still get the realhostip.com address when I try to console into a > vm > >>>> via > >>>>> the UI. > >>>>> > >>>>> Any help would be great! > >>>>> > >>>>> Thanks, > >>>>> Rob > >>>>> > >>>> > >>> > >> > > >
