Michal, Could you explain in details this part of your email?
> We modified the client to sign the request for proxy that is verified by the > (also > modified) proxy. There are small changes but they would need to be done for > any other > client you’re trying to use (and for the proxy if you’d want to use a > non-ovirt > websockify) Where can i find this information? Right now, using the stock websockify and using my version of flexVDI (which works BTW perfectly with libvirt qxl protected by password) and a valid SSL certificates between browser and proxy, I am getting this error when trying to connect to ovirt: ``` + exec python3 -m websockify 5959 --verbose --record /tmp/websockify.log --cert=/etc/letsencrypt/live/ws1.xxxx.net/cert.pem --key=/etc/letsencrypt/live/ws1.xxx.net/privkey.pem --ssl-target --ssl-only --verify-client --cafile=/tmp/cafile-143249.crt '--ssl-ciphers=HIGH:!aNULL' xx.xxx.xxx.xxx:5915 WebSocket server settings: - Listen on :5959 - SSL/TLS support - Deny non-SSL/TLS connections - Recording to '/tmp/websockify.log.*' - proxying from :5959 to xx.xxx.xxx.xxx:5915 (using SSL) 70.182.176.222: new handler Process handler exception: [Errno 0] Error exception Traceback (most recent call last): File "/var/www/websockify/websockify/websockifyserver.py", line 662, in top_new_client client = self.do_handshake(startsock, address) File "/var/www/websockify/websockify/websockifyserver.py", line 565, in do_handshake retsock = context.wrap_socket( File "/usr/lib/python3.8/ssl.py", line 500, in wrap_socket return self.sslsocket_class._create( File "/usr/lib/python3.8/ssl.py", line 1040, in _create self.do_handshake() File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake self._sslobj.do_handshake() OSError: [Errno 0] Error ``` so it seems my main problem is SSL between the webproxy and ovirt. I am just not sure how to debug this. Is the connection between the proxy and the host encrypted? If yes, what role does the cafile received in the console.vv plays and what about the host-subject. this is the part I am missing _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/B7TKD27A4TWK26PFVDQV27QQMKA55YWX/