Hide Forgot
+++ This bug was initially created as a clone of Bug #1318850 +++ Description of problem: RFE bug 1051149 has two part - authentication, which was verified successfully and https which was not tested and doesn't work. Version-Release number of selected component (if applicable): RHEL 7.2: spice-gtk3-0.26-5.el7.x86_64 RHEV 3.6: mingw-virt-viewer-2.0-8 RHEL 6.6: spice-gtk-0.26-7.el6.x86_64 // for sake of completeness How reproducible: always Steps to Reproduce: 1. have CA cert and server cert/key pair, add this line to squid.conf in addition to "http_port ..." line: https_port 3129 key=/path/to/pem_key cert=/path/to/pem_cert 2. set SPICE_PROXY env var to https://name_in_certificate_Subject_CN/: * windows cmd: set SPICE_PROXY=... * linux shel: export SPICE_PROXY=... (or SPICE_PROXY=... remote-viewer ...) 3. add CA cert to system-wide trust store in the client: * windows: Trusted Root Authorities in certmgr.msc (per-user) or mmc (system) * linux: using update-certificates(8) or trust(1) 4. connect to the VM through proxy Actual results: error dialog with "Unacceptable TLS certificate" message pops up Expected results: connection through proxy is established Additional info:
Looks like a missing feature to me.
oVirt 4.0 Alpha has been released, moving to oVirt 4.0 Beta target.
According to the discussion in the original bug 1318850 ( https://bugzilla.redhat.com/show_bug.cgi?id=1318850#c21 ) it requires more investigation and new api in glib. It is not a regression (I agree with the comment 1 that it is a feature), we don't have the solution upstream -> moving