Hey! I'm trying to get sunstone to work with x509 certificates but fail miserably
My configuration looks as follows: Opennebula Version 3.0.0 compiled from source Opennebula with passwords works as a charm and also with x509 on the CLI What i'm trying to achieve is logging in from sunstone but i get a " OpenNebula is not running" message. I already searched the newslist a bit and found a more detailed error after using that fix http://www.mail-archive.com/[email protected]/msg04410.html The Error message is: Authentication failed. Username not found in certificate chain I already checked the config for mistakes but because it's working on the CLI i don't think there's anything wrong with the certificates. The sunstone configuration looks as following: ====================================== # OpenNebula sever contact information :one_xmlrpc: http://localhost:2633/RPC2 # Server Configuration :host: 127.0.0.1 :port: 9869 #:auth: basic :auth: x509 # VNC Configuration :vnc_proxy_base_port: 29876 :novnc_path: /srv/cloud/one/share/noVNC ====================================== For a secure web connection i use apache as proxy having following config ====================================== <VirtualHost *:443> DocumentRoot /var/www SSLEngine On SSLCertificateFile /etc/apache2/sslzert.pem SSLVerifyClient require SSLVerifyDepth 2 SSLCACertificateFile /srv/cloud/one/certs/cacert.pem SSLOptions +StdEnvVars +ExportCertData ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass /admin/ http://localhost:9869/ ProxyPassReverse /admin/ http://localhost:9869/ </VirtualHost> My assumption is that there's something wrong with the apache/sunstone configuration, but i'm stuck at the moment Any help would be aprecciated =) Have a nice Day! Georg
_______________________________________________ Users mailing list [email protected] http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
