[virt-tools-list] TLC Connection Issues with VNC
Gregg Stock
gregg at damagecontrolusa.com
Wed Jul 17 07:40:13 UTC 2013
I recreated the keys and had some success. I got rid of the "usage does
not permit key encipherment" message, Virt-Manager still shows the
virtual machines and I can connect fine with vinagre but I'm still
having problems with virt-viewer and the Virtual-Machine manager console
When I try to open a console from Virt-Manager, here is what I get from
log in ~/.virt-manager
[Tue, 16 Jul 2013 21:50:06 virt-manager 4642] DEBUG (details:535)
Showing VM details: <vmmDomain object at 0x9d410cc
(virtManager+domain+vmmDomain at 0xa335190)>
[Tue, 16 Jul 2013 21:50:06 virt-manager 4642] DEBUG (engine:471) window
counter incremented to 4
[Tue, 16 Jul 2013 21:50:06 virt-manager 4642] DEBUG (console:1075)
Starting connect process for proto=vnc trans=tls connhost=192.168.8.11
connuser=bob connport=5903 gaddr=192.168.8.11 gport=5903 gsocket=None
[Tue, 16 Jul 2013 21:50:06 virt-manager 4642] DEBUG (console:340) Got
credential request <enum VNC_CONNECTION_CREDENTIAL_CLIENTNAME of type
VncConnectionCredential>
[Tue, 16 Jul 2013 21:50:06 virt-manager 4642] DEBUG (console:958) Viewer
disconnected
[Tue, 16 Jul 2013 21:50:09 virt-manager 4642] DEBUG (details:552)
Closing VM details: <vmmDomain object at 0x9d410cc
(virtManager+domain+vmmDomain at 0xa335190)>
[Tue, 16 Jul 2013 21:50:09 virt-manager 4642] DEBUG (engine:475) window
counter decremented to 3
With virt-viewer I get the following on the client
Opening connection to libvirt with URI qemu+tls://bob@host.lan/system
Guest bunny is running, determining display
Guest bunny has a vnc display
Opening direct TCP connection to display at 192.168.8.11:5903
Guest bunny display has disconnected, shutting down
On the server, I get the following in /var/log/messages
libvirtd: 29338: error : virNetSocketReadWire:1176 : Cannot recv data:
Input/output error
On 7/16/2013 6:26 AM, Daniel P. Berrange wrote:
> On Mon, Jul 15, 2013 at 06:28:35PM -0700, Gregg Stock wrote:
>> warning : virNetTLSContextCheckCertKeyUsage:272 : Certificate
>> [session] usage does not permit key encipherment
> This says you've created and/or configured bad certificates.
>
> Per the instructions here:
>
> http://libvirt.org/remote.html#Remote_certificates
>
> The key usage extension for the client/server certs must include
>
> encryption_key
> signing_key
>
> Or the key usage should be omitted. This error says you have some other
> key usage set when creating the certs.
>
> Daniel
More information about the virt-tools-list
mailing list