Bug 1751073
| Summary: | RFE: ability to provide per-connection TLS certs to VNC connections | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | mxie <mxie> |
| Component: | virt-viewer | Assignee: | Virtualization Maintenance <virt-maint> |
| Status: | CLOSED WONTFIX | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | --- | CC: | berrange, chhu, cshao, fdeutsch, juzhou, lrotenbe, michal.skrivanek, mtessun, mzhan, ngu, qzhang, rh-spice-bugs, sgott, tzheng, virt-bugs, xianwang, xiaodwan, yafu, zhguo, zili |
| Target Milestone: | rc | Keywords: | FutureFeature, Triaged |
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 1751065 | Environment: | |
| Last Closed: | 2021-03-11 07:31:01 UTC | Type: | Feature Request |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1785222 | ||
| Bug Blocks: | |||
(In reply to chhu from comment #1) > Test on cnv2.1(with RHEL-AV8.0.1) hit same issue. > > 1. Create VMI on cnv2.1 with win10 OS > 2. Try to connect to the VMI by virtctl vnc, the console disappeared > immediately, hit error below: > ----------------------------------------------------------------------------- > ---------------- > {"component":"virtctl","level":"info","msg":"remote-viewer connected in > 86.348494ms","pos":"vnc.go:148","timestamp":"2019-11-22T13:02:50.486719Z"} > Error encountered: read tcp 127.0.0.1:40030->127.0.0.1:39148: read: > connection reset by peer ) > ----------------------------------------------------------------------------- > ----------------- > 3. Try more times, 1 time connected to the VMI, login to the win10 and touch > file in it, the win10 OS is OK. Changed the nic from rtl8139 to e1000,virtio; virtctl vnc VMI* can succeed with higher ratio. In the original bug this was cloned from which involved RHEV, we confirmed that this is due to not having the CA cert installed. GTK-VNC expects the cert on disk, and so there's no way for virt-viewer to privide it from the console.vv file. Can you either confirm that the CNV tests also involved TLS for VNC, or provide the output of virt-viewer when using the '--gtk-vnc-debug' to connect to CNV. After evaluating this issue, there are no plans to address it further or fix it in an upcoming release. Therefore, it is being closed. If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened. |
Test on cnv2.1(with RHEL-AV8.0.1) hit same issue. 1. Create VMI on cnv2.1 with win10 OS 2. Try to connect to the VMI by virtctl vnc, the console disappeared immediately, hit error below: --------------------------------------------------------------------------------------------- {"component":"virtctl","level":"info","msg":"remote-viewer connected in 86.348494ms","pos":"vnc.go:148","timestamp":"2019-11-22T13:02:50.486719Z"} Error encountered: read tcp 127.0.0.1:40030->127.0.0.1:39148: read: connection reset by peer ) ---------------------------------------------------------------------------------------------- 3. Try more times, 1 time connected to the VMI, login to the win10 and touch file in it, the win10 OS is OK.