David David <dd432...@gmail.com> writes: > copied from qemu server all certs except "cacrl" to my desktop-station > into /etc/pki/
This is not needed, the CA certificate is included in console.vv and no other certificate should be needed. > but remote-viewer is still didn't work The log looks like remote-viewer is attempting certificate authentication rather than password authentication. Do you have password in console.vv? It should look like: [virt-viewer] type=vnc host=192.168.122.2 port=5900 password=fxLazJu6BUmL # Password is valid for 120 seconds. ... Regards, Milan > 2020-03-26 2:22 GMT+04:00, Nir Soffer <nsof...@redhat.com>: >> On Wed, Mar 25, 2020 at 12:45 PM David David <dd432...@gmail.com> wrote: >>> >>> ovirt 4.3.8.2-1.el7 >>> gtk-vnc2-1.0.0-1.fc31.x86_64 >>> remote-viewer version 8.0-3.fc31 >>> >>> can't open vm console by remote-viewer >>> vm has vnc console protocol >>> when click on console button to connect to a vm, the remote-viewer >>> console disappear immediately >>> >>> remote-viewer debug in attachment >> >> You an issue with the certificates: >> >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.238: >> ../src/vncconnection.c Set credential 2 libvirt >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >> ../src/vncconnection.c Searching for certs in /etc/pki >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >> ../src/vncconnection.c Searching for certs in /root/.pki >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >> ../src/vncconnection.c Failed to find certificate CA/cacert.pem >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >> ../src/vncconnection.c No CA certificate provided, using GNUTLS global >> trust >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >> ../src/vncconnection.c Failed to find certificate CA/cacrl.pem >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >> ../src/vncconnection.c Failed to find certificate >> libvirt/private/clientkey.pem >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >> ../src/vncconnection.c Failed to find certificate >> libvirt/clientcert.pem >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >> ../src/vncconnection.c Waiting for missing credentials >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >> ../src/vncconnection.c Got all credentials >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >> ../src/vncconnection.c No CA certificate provided; trying the system >> trust store instead >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: >> ../src/vncconnection.c Using the system trust store and CRL >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: >> ../src/vncconnection.c No client cert or key provided >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: >> ../src/vncconnection.c No CA revocation list provided >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.241: >> ../src/vncconnection.c Handshake was blocking >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.243: >> ../src/vncconnection.c Handshake was blocking >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.251: >> ../src/vncconnection.c Handshake was blocking >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: >> ../src/vncconnection.c Handshake done >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: >> ../src/vncconnection.c Validating >> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.301: >> ../src/vncconnection.c Error: The certificate is not trusted >> >> Adding people that may know more about this. >> >> Nir >> >> _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/G4DV6YDFGORYDO64KLD3T6NF4F52QAEN/
