add local sends back an error root@kev:/home/kev# lxc remote add local 192.168.0.50:8443
error: remote local exists as <unix:///var/lib/lxd/unix.socket> running just wget ( I've not used wget before ) so I am not sure how or if it's possible to send in the host name now or ?? root@kev:~/.config/lxc# wget --no-check-certificate https://192.168.0.50:8443/1.0/ --certificate=client.crt --private-key=client.key -O - -v --2015-05-23 13:12:13-- https://192.168.0.50:8443/1.0/ Connecting to 192.168.0.50:8443... connected. WARNING: cannot verify 192.168.0.50's certificate, issued by ‘O=linuxcontainer.org’: Unable to locally verify the issuer's authority. WARNING: certificate common name ‘’ doesn't match requested host name ‘192.168.0.50’. HTTP request sent, awaiting response... 404 Not Found 2015-05-23 13:12:13 ERROR 404: Not Found. Sounds like LXD server is working for you….. but still no idea why it's not for me yet. -Kevin On May 23, 2015, at 12:26 PM, Janjaap Bos <[email protected]> wrote: > Remove the /finger from the url given in the example, as that is no longer a > published service. > > This is from OSX, using wget. > > wget --no-check-certificate https://myhost:8443/1.0 --certificate=client.crt > --private-key=client.key -O - -q > > {"type":"sync","status":"Success","status_code":200,"metadata":{"api_compat":1,"auth":"trusted","config":{"trust-password":true},"environment":{"backing_fs":"ext4","driver":"lxc","kernel_version":"3.16.0-37-generic","lxc_version":"1.1.0","lxd_version":"0.9"}}} > > > 2015-05-23 21:16 GMT+02:00 Janjaap Bos <[email protected]>: > Before trying at OSX, make sure it works on your LXD host. > > Follow the steps for hacking on: > > https://github.com/lxc/lxd > > It works for me. > Hacking > > Sometimes it is useful to view the raw response that LXD sends; you can do > this by: > > lxc config set password foo > lxc remote add local 127.0.0.1:8443 > wget --no-check-certificate https://127.0.0.1:8443/1.0/finger > --certificate=$HOME/.config/lxc/client.crt > --private-key=$HOME/.config/lxc/client.key -O - -q > > > 2015-05-23 21:13 GMT+02:00 Kevin LaTona <[email protected]>: > > > I noticed I did not run the lxc config trust add client.crt call as suggested > earlier. > > So I > > cd > /root/.config/lxc > > lxc config trust add client.crt > > > then > > lxc config trust list > > and got to finger prints back > > > > Next ran > > > curl -v -k https://192.168.0.50:8443/1.0/images > > * Hostname was NOT found in DNS cache > * Trying 192.168.0.50... > * Connected to 192.168.0.50 (192.168.0.50) port 8443 (#0) > * successfully set certificate verify locations: > * CAfile: none > CApath: /etc/ssl/certs > * SSLv3, TLS handshake, Client hello (1): > * SSLv3, TLS handshake, Server hello (2): > * SSLv3, TLS handshake, CERT (11): > * SSLv3, TLS handshake, Server key exchange (12): > * SSLv3, TLS handshake, Request CERT (13): > * SSLv3, TLS handshake, Server finished (14): > * SSLv3, TLS handshake, CERT (11): > * SSLv3, TLS handshake, Client key exchange (16): > * SSLv3, TLS change cipher, Client hello (1): > * SSLv3, TLS handshake, Finished (20): > * SSLv3, TLS alert, Server hello (2): > * error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate > * Closing connection 0 > curl: (35) error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad > certificate > > > root@c5:~# > > > > > Unless I am missing another config step here. > > Sure looks like the LDX image server is sending out bad certs into the wild. > > > -Kevin > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users > > > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
