Description of problem: TicketEncoder.java/TicketDecoder.java use SHA-1 for signatures/verification. This should be replaced with SHA-256. It should be done in coordination with updating the equivalent python code, and users of both of them.
Verified with: ovirt-engine-4.4.6.5-447.gd80dda7.9.el8ev.noarch Steps: 1. Create and run a VM - cluster compatibility version 4.6 - template latest-rhel-guest-image-8.3-infra - graphics protocol VNC - enable VirtIO serial console 2. Test noVNC 1) Make sure websocket proxy is configured, import CA of the engine in browser 2) Open VM console options window, select noVNC 3) Click VM Console button, check if a new browser tab with noVNC session appears. 4) Check if commands could be run on noVNC session. 3. Test serial console 1) Create ssh-key on engine by ssh-keygen -t rsa -f /root/.ssh/sc_test_key -q -N '' 2) Set the pub key (/root/.ssh/sc_test_key.pub) on engine web-UI under 'Options' 3) Make sure the VM is available for connection by running the following on the engine: ssh -o StrictHostKeyChecking=no -t -i /root/.ssh/sc_test_key -p 2222 ovirt-vmconsole@<engine_fqdn> list 4) Try connecting to the VM by running the following on the engine: ssh -o StrictHostKeyChecking=no -t -i /root/.ssh/sc_test_key -p 2222 ovirt-vmconsole@<engine_fqdn> connect --vm-name=<test_vm> 5) Check if commands could be run on serial console. Results: 1. New browser tab with noVNC session appears when clicking VM Console button, could run commands on the opened noVNC session. 2. Could connect to VM serial console and run commands on it.
This bugzilla is included in oVirt 4.4.6 release, published on May 4th 2021. Since the problem described in this bug report should be resolved in oVirt 4.4.6 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.