cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mathias Mullins <>
Subject Re: consoleproxy.url.domain not updating
Date Mon, 31 Dec 2012 14:45:47 GMT

Did you populate your DNS server with all of the A records for each IP in your range?

Information is in this document.


On Dec 31, 2012, at 9:01 AM, "Robert Booth" <<>>


When I try to connect via the UI "View Console" link I get

This webpage is not available

The webpage at * console server dns
* might be temporarily down or it may have moved permanently to a new web

Error 501 (net::ERR_INSECURE_RESPONSE): Unknown error.

Funny thing is when I hover over the "View Console" button the url shown in
the browser status bar is http://CloudManagement:8080/client/#. Using the
chrome developer tools I found the href tag is set to "#".


On Sun, Dec 30, 2012 at 10:51 PM, Kirk Kosinski <<>>wrote:

Opening a browser window directly to HTTPS on a console proxy will
normally give a 404 error.  Try accessing a VM console through the
CloudStack UI (which should generate and use a valid URL to the console
proxy) and ignore the cert error to see what happens.


On 12/30/2012 08:37 PM, Robert Booth wrote:

When I open a browser window directly to the console server I get an
invalid certificate error.

"This certificate was signed by an unknown authority"

I need to get that correct but will that stop me in my tracks?

When I click to ignore I get a 404 Not Found error message "No context
found for request".


On Sun, Dec 30, 2012 at 10:17 PM, Kirk Kosinski <<>

What is the error in the browser?  Can you connect to 443/tcp on the
console proxy from your desktop?

Best regards,

On 12/30/2012 11:10 AM, Robert Booth wrote:
Thanks Kirk,

Yes that did it. My domain name is now updated but I still feel no love
with the console proxy. The URL has been updated and everything is
resolving correctly but I still can't connect via the remote console.
I used a self-signed CA and server cert so I'm wondering if that is my
problem. I'm going to keep digging and what I'm missing. My guess is
Root CA I created is not trusted in the system.

As a side not for anyone trying to update the cert in the UI and
error the it's an invalid cert I did the following.

1. Created CA private key
- openssl genrsa -des3 -out mydomain.priv.key 2048   * Remember
you will need it

2. Created CA certificate request file
- openssl req -new -key mydomain.priv.key -out mydomain.req

3. Self-sign my CA request
- openssl x509 -req -days 7305 -sha1 -extfile /etc/ssl/openssl.cnf
-extensions v3_ca -signkey mydomain.priv.key -in mydomain.req -out

4. Created a server key
- openssl genrsa -out cloud.mydomain.priv.key 2048

5. Generate Server certificate request file
- openssl req -new -key cloud.mydomain.priv.key -out cloud.mydomain.req

6. Sign my server request
- openssl x509 -req -days 7000 -sha1 -extfile /etc/ssl/openssl.cnf
-extensions v3_req -CA mydomain.crt -CAkey mydomain.priv.key
-CAcreateserial -in cloud.mydomain.req -out cloud.mydomain.crt

*** This last step is what fixed my UI error on an invalid SSL key
7. create a PKCS8 key file
- openssl pkcs8 -topk8 -in cloud.mydomain.priv.key -inform pem -out
cloud.mydomain.pkcs8.key -outform pem -nocrypt

In the UI put the contents of cloud.mydomain.crt into certificate
Put the contents on cloud.mydomain.pkcs8.key into the PKCS#8 Private
and finally put your domain name in.

On Sun, Dec 30, 2012 at 4:55 AM, Kirk Kosinski <<>

Hi, Rob.  I don't know what that global setting is supposed to do.  To
update the domain, follow the procedure to update the SSL certificate
(in UI, Infrastructure > Update SSL Certificate), which includes the
option to update the domain.

Best regards,

On 12/29/2012 12:36 PM, Robert Booth wrote:
I'm trying to get the remote console view to work but I can't seem to
past the<> url setting.

I have a fresh install of CloudStack 4.0 on updated Ubuntu 12.04
server and host. I'm running KVM on the host.

I've updated the consoleproxy.url.domain setting on the management
to a valid external domain name and restarted my management server

Things I've tried.

Restarted the management server

Restarted the agent service

Removed all system vms and recreated them.

Rebooted the management server and the host

I still get the<> address when I try to console
into a
the UI.

Any help would be great!


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message