I use the following certificate files: # openssl verify -CAfile /etc/pve/pve-root-ca.pem /etc/pve/local/pve-ssl.pem /etc/pve/local/pve-ssl.pem: OK
I pass the content of /etc/pve/pve-root-ca.pem to virt-viewer: [virt-viewer] ca=-----BEGIN CERTIFICATE-----\nXXXXXXXXXX/Q=\n-----END CERTIFICATE-----\n ... I also use above cert files when starting qemu, and remote-viewer works perfectly unless we use intermediate CAs. ----------------- # remote-viewer /tmp/scDvEiLJ (/usr/bin/remote-viewer:363337): Spice-Warning **: ssl_verify.c:428:openssl_verify: openssl verify:num=20:unable to get local issuer certificate:depth=1:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 2 Primary Intermediate Server CA (remote-viewer:363337): GSpice-WARNING **: main-1:0: SSL_connect: error:00000001:lib(0):func(0):reason(1) ------------------------ I tried to append the intermediate cert to /etc/pve/pve-root-ca.pem and /etc/pve/local/pve-ssl.pem, but always get the same error. Any ideas? _______________________________________________ Spice-devel mailing list Spice-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/spice-devel
