Hi,
I have NoVNC working on SSL using self-signed certs. However my problem comes when I use a signed cert, the signed cert is a wildcard cert for our corporate domain. This is the error in the NoVnc logs:
root@vm1:/root# tail -f /var/log/supervisor/novncd-stdout---supervisor-Vb7vuE.log
2020-04-14 11:05:07,688 - websocket.type - INFO : WebSocket server settings:
2020-04-14 11:05:07,688 - websocket.type - INFO : - Listen on 0.0.0.0:6080
2020-04-14 11:05:07,688 - websocket.type - INFO : - SSL/TLS support
2020-04-14 11:05:07,688 - websocket.type - INFO : - proxying from 0.0.0.0:6080 to ignore:ignore
2020-04-14 11:05:25,366 - websocket.type - DEBUG : 10.32.60.38: new handler Process
2020-04-14 11:05:25,382 - websocket.type - INFO : handler exception: [SSL] PEM lib (_ssl.c:2834)
2020-04-14 11:05:25,382 - websocket.type - DEBUG : exception
Traceback (most recent call last):
File "/srv/webvirtcloud/venv/local/lib/python2.7/site-packages/websockify/websockifyserver.py", line 691, in top_new_client
client = self.do_handshake(startsock, address)
File "/srv/webvirtcloud/venv/local/lib/python2.7/site-packages/websockify/websockifyserver.py", line 578, in do_handshake
context.load_cert_chain(certfile=self.cert, keyfile=self.key, password=self.key_password)
SSLError: [SSL] PEM lib (_ssl.c:2834)
2020-04-14 11:05:25,386 - websocket.type - DEBUG : Ignoring interrupted syscall
config:
[program:novncd]
command=/srv/webvirtcloud/venv/bin/python /srv/webvirtcloud/console/novncd --
cert=/etc/nginx/ssl/self.pem --debug --verbose
directory=/srv/webvirtcloud
user=www-data
autostart=true
autorestart=true
redirect_stderr=true
I have copied the signed cert to a file called /etc/nginx/ssl/self.pem
Nginx config: (this works fine for the main site, only console not working)
ssl_certificate /etc/nginx/ssl/self.pem;
ssl_certificate_key /etc/nginx/ssl/selfkey.key;
settings.py has been updated to reflect the DNS name
Websock public host
WS_PUBLIC_HOST = 'vm1.example.com'
What is the issue with NoVNC ??
Hi,
I have NoVNC working on SSL using self-signed certs. However my problem comes when I use a signed cert, the signed cert is a wildcard cert for our corporate domain. This is the error in the NoVnc logs:
root@vm1:/root# tail -f /var/log/supervisor/novncd-stdout---supervisor-Vb7vuE.log
2020-04-14 11:05:07,688 - websocket.type - INFO : WebSocket server settings:
2020-04-14 11:05:07,688 - websocket.type - INFO : - Listen on 0.0.0.0:6080
2020-04-14 11:05:07,688 - websocket.type - INFO : - SSL/TLS support
2020-04-14 11:05:07,688 - websocket.type - INFO : - proxying from 0.0.0.0:6080 to ignore:ignore
2020-04-14 11:05:25,366 - websocket.type - DEBUG : 10.32.60.38: new handler Process
2020-04-14 11:05:25,382 - websocket.type - INFO : handler exception: [SSL] PEM lib (_ssl.c:2834)
2020-04-14 11:05:25,382 - websocket.type - DEBUG : exception
Traceback (most recent call last):
File "/srv/webvirtcloud/venv/local/lib/python2.7/site-packages/websockify/websockifyserver.py", line 691, in top_new_client
client = self.do_handshake(startsock, address)
File "/srv/webvirtcloud/venv/local/lib/python2.7/site-packages/websockify/websockifyserver.py", line 578, in do_handshake
context.load_cert_chain(certfile=self.cert, keyfile=self.key, password=self.key_password)
SSLError: [SSL] PEM lib (_ssl.c:2834)
2020-04-14 11:05:25,386 - websocket.type - DEBUG : Ignoring interrupted syscall
I have copied the signed cert to a file called /etc/nginx/ssl/self.pem
Nginx config: (this works fine for the main site, only console not working)
settings.py has been updated to reflect the DNS name
Websock public host
WS_PUBLIC_HOST = 'vm1.example.com'
What is the issue with NoVNC ??