>>OK, I have just committed an initial version using a local tcp port and TLS >>(qemu-server/pve-manager). >> >>Please can you test if that works for you also?
Works perfectly ! Thanks ! >>I guess in future we need to extract 'host-subject' from >>/etc/pve/local/pve-ssl.pem, maybe with: >> >># openssl x509 -in /etc/pve/local/pve-ssl.pem -noout -subject >> >>what you you think? Yes ! As maybe users use their own certificates, we need to do it like this. I don't known if you I have time to implement the proxy forward to connect on a vm on a remote node: ? client ---> http connect proxy1----> http connect proxy2 ----- Mail original ----- De: "Dietmar Maurer" <diet...@proxmox.com> À: "Alexandre DERUMIER" <aderum...@odiso.com> Cc: pve-devel@pve.proxmox.com Envoyé: Mercredi 17 Juillet 2013 11:57:32 Objet: RE: [pve-devel] spice tls + proxy: ssl_verify.c:484:openssl_verify: ssl: hostname > > maybe host-subject can help ? > > > > host-subject="OU=PVE Cluster Node,O=Proxmox Virtual > > Environment,CN=base32ticket" > > yes, that is what I thought - will test later. OK, I have just committed an initial version using a local tcp port and TLS (qemu-server/pve-manager). Please can you test if that works for you also? I guess in future we need to extract 'host-subject' from /etc/pve/local/pve-ssl.pem, maybe with: # openssl x509 -in /etc/pve/local/pve-ssl.pem -noout -subject what you you think? _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel