Hi Nicolas, yes this make sense.
Do you have any idea how to create/get that CERT from CPVM? BR Reza ________________________________ Von: Nicolas Vazquez <nicolas.vazq...@shapeblue.com> Gesendet: Samstag, 20. Juli 2024 00:59 An: users@cloudstack.apache.org <users@cloudstack.apache.org> Betreff: Re: VNC with tigervnc Hi Reza, I think the problem may be the CRL certificate, it may be expecting the client certificate (such as CPVM will present to the VNC server) Regards, Nicolas Vazquez From: R A <jarhe...@hotmail.de> Date: Thursday, 18 July 2024 at 21:14 To: users@cloudstack.apache.org <users@cloudstack.apache.org> Subject: RE: VNC with tigervnc Hi Nicolas, Many thanks for your advice. I changed the Securitytype to X509Vnc (which seems to be the correct one) and now i am facing: TLS: Could not load user specified certificate revocation list CConn: readTLS: The TLS connection was non-properly terminated. (-110) I ve copied ca-cert.pem and server-cert.pem from /etc/pki/libvirt-vnc which is defined in /etc/libvirt/qemu.conf [root@rockyvm user1]# [root@rockyvm user1]# vncviewer -SecurityTypes=X509Vnc -X509CA /home/user1/Downloads/ca-cert.pem -X509CRL /home/user1/Downloads/server-cert.pem 172.17.10.10:5903 TigerVNC Viewer v1.13.1 Built on: 2024-04-22 00:00 Copyright (C) 1999-2022 TigerVNC Team and many others (see README.rst) See https://www.tigervnc.org for information on TigerVNC. Fri Jul 19 02:10:16 2024 DecodeManager: Detected 4 CPU core(s) DecodeManager: Creating 4 decoder thread(s) CConn: Connected to host 172.17.10.10 port 5903 CConnection: Server supports RFB protocol version 3.8 CConnection: Using RFB protocol version 3.8 CConnection: Choosing security type VeNCrypt(19) CVeNCrypt: Choosing security type X509Vnc (261) Fri Jul 19 02:10:17 2024 TLS: Could not load user specified certificate revocation list CConn: readTLS: The TLS connection was non-properly terminated. (-110) DecodeManager: Total: 0 rects, 0 pixels DecodeManager: 0 B (1:-nan ratio) [root@rockyvm user1]#
