No, I made my life easy and used nginx to proxy for the websocket. I was then able to use my commercial ssl cert to avoid all of these issues. Using a proxy for a proxy has been working out quite well for cloudspin, because I don't have to mess with anything internal to the engine and noVNC works without issue.
DonnyD -----Original Message----- From: Simone Tiraboschi [mailto:[email protected]] Sent: Friday, February 20, 2015 7:03 AM To: Donny Davis Subject: Re: [ovirt-users] Unable to run noVNC console un recent browsers ----- Original Message ----- > From: "Donny Davis" <[email protected]> > To: "Simone Tiraboschi" <[email protected]> > Sent: Friday, February 20, 2015 2:23:56 PM > Subject: RE: [ovirt-users] Unable to run noVNC console un recent > browsers > > Is your websocket proxy on the same machine as your engine. I also get > the CA error when the time it off. The proxy throws the error to > /var/log/messages Hi Donny, I'm using the proxy on the same machine where the engine runs. No error till now no my side. I also trusted oVirt internal CA to sign other certs in my browser. Did you? You can find it at https://{engine}/ca.crt You should download it and add to the list of trusted certification authorities in your browser. > -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of Simone Tiraboschi > Sent: Friday, February 20, 2015 5:57 AM > To: Stefano Danzi > Cc: [email protected] > Subject: Re: [ovirt-users] Unable to run noVNC console un recent > browsers > > > > ----- Original Message ----- > > From: "Stefano Danzi" <[email protected]> > > To: "Darrell Budic" <[email protected]> > > Cc: [email protected] > > Sent: Friday, February 20, 2015 9:07:51 AM > > Subject: Re: [ovirt-users] Unable to run noVNC console un recent > > browsers > > > > Hello! > > Already done but this didn't help. > > > > I downloaded a portable version of Firefox 17 and noVNC work as expected. > > > > Il 20/02/2015 5.18, Darrell Budic ha scritto: > > > > > > > > Try reimporting the ca.cert for noVNC by connecting directly to the > > webproxy address at port 6100. Do this by trying to connect to a > > console and then, once the 1006 error shows up, just strip off > > everything after :6100/ . I've found that somewhere in or after 3.5, > > restarting the webproxy causes it to generate its own new ca.cert > > even > through it shouldn't. > > > > -Darrell > > > > > > > > On Feb 19, 2015, at 4:09 PM, Stefano Danzi <[email protected]> wrote: > > > > Hello, > > > > I can't make work noVNC console on recent browsers (Chrome 40, > > Firefox > > 35 and IE 11). > > > > The error that I have is already explained here: > > https://forge.univention.org/bugzilla/show_bug.cgi?id=33587 I tried > > to change websocket like suggested ( > > http://errata.univention.de/ucs/3.2/31.html ) but this not helped. > > noVNC 0.5.1 should be soon released in EPEL6/EPEL7 as for [1]. > noVNC 0.5.1 should also improve compatibility with recent browsers. > > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1193454#c3 > > > > Someone know a workaround? > > _______________________________________________ > > Users mailing list [email protected] > > http://lists.ovirt.org/mailman/listinfo/users > > > > > > _______________________________________________ > > Users mailing list > > [email protected] > > http://lists.ovirt.org/mailman/listinfo/users > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/users > > _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
