Remove the /finger from the url given in the example, as that is no longer a published service.
This is from OSX, using wget. wget --no-check-certificate https://myhost:8443/1.0 --certificate=client.crt --private-key=client.key -O - -q {"type":"sync","status":"Success","status_code":200,"metadata":{"api_compat":1,"auth":"trusted","config":{"trust-password":true},"environment":{"backing_fs":"ext4","driver":"lxc","kernel_version":"3.16.0-37-generic","lxc_version":"1.1.0","lxd_version":"0.9"}}} 2015-05-23 21:16 GMT+02:00 Janjaap Bos <[email protected]>: > Before trying at OSX, make sure it works on your LXD host. > > Follow the steps for hacking on: > > https://github.com/lxc/lxd > > It works for me. > Hacking > > Sometimes it is useful to view the raw response that LXD sends; you can do > this by: > > lxc config set password foo > lxc remote add local 127.0.0.1:8443 > wget --no-check-certificate https://127.0.0.1:8443/1.0/finger > --certificate=$HOME/.config/lxc/client.crt > --private-key=$HOME/.config/lxc/client.key -O - -q > > > > 2015-05-23 21:13 GMT+02:00 Kevin LaTona <[email protected]>: > >> >> >> I noticed I did not run the lxc config trust add client.crt call as >> suggested earlier. >> >> So I >> >> cd >> /root/.config/lxc >> >> lxc config trust add client.crt >> >> >> then >> >> lxc config trust list >> >> and got to finger prints back >> >> >> >> Next ran >> >> >> curl -v -k https://192.168.0.50:8443/1.0/images >> >> * Hostname was NOT found in DNS cache >> * Trying 192.168.0.50... >> * Connected to 192.168.0.50 (192.168.0.50) port 8443 (#0) >> * successfully set certificate verify locations: >> * CAfile: none >> CApath: /etc/ssl/certs >> * SSLv3, TLS handshake, Client hello (1): >> * SSLv3, TLS handshake, Server hello (2): >> * SSLv3, TLS handshake, CERT (11): >> * SSLv3, TLS handshake, Server key exchange (12): >> * SSLv3, TLS handshake, Request CERT (13): >> * SSLv3, TLS handshake, Server finished (14): >> * SSLv3, TLS handshake, CERT (11): >> * SSLv3, TLS handshake, Client key exchange (16): >> * SSLv3, TLS change cipher, Client hello (1): >> * SSLv3, TLS handshake, Finished (20): >> * SSLv3, TLS alert, Server hello (2): >> * error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate >> * Closing connection 0 >> curl: (35) error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad >> certificate >> >> >> root@c5:~# >> >> >> >> >> Unless I am missing another config step here. >> >> Sure looks like the LDX image server is sending out bad certs into the >> wild. >> >> >> -Kevin >> _______________________________________________ >> lxc-users mailing list >> [email protected] >> http://lists.linuxcontainers.org/listinfo/lxc-users >> > >
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
