One update. I've been using Chrome up to this point and decided to try Safari. I was presented with the message that the certificate was invalid but I was able to continue. Now I get the following error message.
Unable to start console session as connection is refused by the machine you are accessing -Rob On Mon, Dec 31, 2012 at 8:45 AM, Mathias Mullins <mathias.mull...@citrix.com > wrote: > Rob, > > Did you populate your DNS server with all of the A records for each IP in > your range? > > Information is in this document. > http://docs.cloudstack.org/Knowledge_Base/Replacing_realhostip.com_with_your_own_domain > > Thanks, > Matt > > On Dec 31, 2012, at 9:01 AM, "Robert Booth" <robert.bo...@trebortech.com > <mailto:robert.bo...@trebortech.com>> wrote: > > Kirk, > > When I try to connect via the UI "View Console" link I get > > This webpage is not available > > The webpage at *https://......my console server dns > > name......../ajax?token=Gt3DTg7XXUFOpQjQX1hY9tyik9hj-No8TbP2jveS5VNPdMaqHnAwasJJhHOkX0QSUFHPcWfTlT9dgbd5AUvKfr0knkdeS51Ghb4u6DzBkq8iwUipstcz4JG5FOCKPO4VtDW3tne4FRcqkhJWwOvCc9Tl0LYv9Q3qg50ssYG3mrg7BBYmV8iJy7VmNxPmMQ38jqIRk4N4gbB3HwHQcxi3TY3G9BwKVcFkY4i06X4sIG_fe4C1ugAnSAy0F94hekCV5wPaaGu4kWA > * might be temporarily down or it may have moved permanently to a new web > address. > > Error 501 (net::ERR_INSECURE_RESPONSE): Unknown error. > > > Funny thing is when I hover over the "View Console" button the url shown in > the browser status bar is http://CloudManagement:8080/client/#. Using the > chrome developer tools I found the href tag is set to "#". > > > -Rob > > > On Sun, Dec 30, 2012 at 10:51 PM, Kirk Kosinski <kirkkosin...@gmail.com > <mailto:kirkkosin...@gmail.com>>wrote: > > Opening a browser window directly to HTTPS on a console proxy will > normally give a 404 error. Try accessing a VM console through the > CloudStack UI (which should generate and use a valid URL to the console > proxy) and ignore the cert error to see what happens. > > Kirk > > On 12/30/2012 08:37 PM, Robert Booth wrote: > Kirk, > > When I open a browser window directly to the console server I get an > invalid certificate error. > > "This certificate was signed by an unknown authority" > > I need to get that correct but will that stop me in my tracks? > > When I click to ignore I get a 404 Not Found error message "No context > found for request". > > -Rob > > > On Sun, Dec 30, 2012 at 10:17 PM, Kirk Kosinski <kirkkosin...@gmail.com > <mailto:kirkkosin...@gmail.com> > wrote: > > What is the error in the browser? Can you connect to 443/tcp on the > console proxy from your desktop? > > Best regards, > Kirk > > On 12/30/2012 11:10 AM, Robert Booth wrote: > Thanks Kirk, > > Yes that did it. My domain name is now updated but I still feel no love > with the console proxy. The URL has been updated and everything is > resolving correctly but I still can't connect via the remote console. > I used a self-signed CA and server cert so I'm wondering if that is my > problem. I'm going to keep digging and what I'm missing. My guess is > the > Root CA I created is not trusted in the system. > > As a side not for anyone trying to update the cert in the UI and > getting > an > error the it's an invalid cert I did the following. > > 1. Created CA private key > - openssl genrsa -des3 -out mydomain.priv.key 2048 * Remember > password > you will need it > > 2. Created CA certificate request file > - openssl req -new -key mydomain.priv.key -out mydomain.req > > 3. Self-sign my CA request > - openssl x509 -req -days 7305 -sha1 -extfile /etc/ssl/openssl.cnf > -extensions v3_ca -signkey mydomain.priv.key -in mydomain.req -out > mydomain.crt > > 4. Created a server key > - openssl genrsa -out cloud.mydomain.priv.key 2048 > > 5. Generate Server certificate request file > - openssl req -new -key cloud.mydomain.priv.key -out cloud.mydomain.req > > 6. Sign my server request > - openssl x509 -req -days 7000 -sha1 -extfile /etc/ssl/openssl.cnf > -extensions v3_req -CA mydomain.crt -CAkey mydomain.priv.key > -CAcreateserial -in cloud.mydomain.req -out cloud.mydomain.crt > > *** This last step is what fixed my UI error on an invalid SSL key > 7. create a PKCS8 key file > - openssl pkcs8 -topk8 -in cloud.mydomain.priv.key -inform pem -out > cloud.mydomain.pkcs8.key -outform pem -nocrypt > > > In the UI put the contents of cloud.mydomain.crt into certificate > field. > Put the contents on cloud.mydomain.pkcs8.key into the PKCS#8 Private > Key > and finally put your domain name in. > > > > > On Sun, Dec 30, 2012 at 4:55 AM, Kirk Kosinski <kirkkosin...@gmail.com > <mailto:kirkkosin...@gmail.com> > wrote: > > Hi, Rob. I don't know what that global setting is supposed to do. To > update the domain, follow the procedure to update the SSL certificate > (in UI, Infrastructure > Update SSL Certificate), which includes the > option to update the domain. > > Best regards, > Kirk > > On 12/29/2012 12:36 PM, Robert Booth wrote: > I'm trying to get the remote console view to work but I can't seem to > get > past the realhostip.com<http://realhostip.com> url setting. > > I have a fresh install of CloudStack 4.0 on updated Ubuntu 12.04 > management > server and host. I'm running KVM on the host. > > I've updated the consoleproxy.url.domain setting on the management > server > to a valid external domain name and restarted my management server > and > no > luck. > > Things I've tried. > > Restarted the management server > > Restarted the agent service > > Removed all system vms and recreated them. > > Rebooted the management server and the host > > I still get the realhostip.com<http://realhostip.com> address when I try > to console into a > vm > via > the UI. > > Any help would be great! > > Thanks, > Rob > > > > > > >
