starred/webvirtcloud
1
0
Fork 0
mirror of https://github.com/retspen/webvirtcloud.git synced 2026-04-26 07:55:52 +03:00
Code Issues 199 Projects Releases 1 Packages Wiki Activity

[GH-ISSUE #307] NoVNC SSL #204

New issue
Closed
opened 2026-02-27 15:57:44 +03:00 by kerem · 1 comment
kerem commented 2026-02-27 15:57:44 +03:00
Owner
Copy link

Originally created by @james-watson-oxb on GitHub (Apr 14, 2020).
Original GitHub issue: https://github.com/retspen/webvirtcloud/issues/307

Hi,

I have NoVNC working on SSL using self-signed certs. However my problem comes when I use a signed cert, the signed cert is a wildcard cert for our corporate domain. This is the error in the NoVnc logs:

root@vm1:/root# tail -f /var/log/supervisor/novncd-stdout---supervisor-Vb7vuE.log
2020-04-14 11:05:07,688 - websocket.type - INFO : WebSocket server settings:
2020-04-14 11:05:07,688 - websocket.type - INFO : - Listen on 0.0.0.0:6080
2020-04-14 11:05:07,688 - websocket.type - INFO : - SSL/TLS support
2020-04-14 11:05:07,688 - websocket.type - INFO : - proxying from 0.0.0.0:6080 to ignore:ignore

2020-04-14 11:05:25,366 - websocket.type - DEBUG : 10.32.60.38: new handler Process
2020-04-14 11:05:25,382 - websocket.type - INFO : handler exception: [SSL] PEM lib (_ssl.c:2834)
2020-04-14 11:05:25,382 - websocket.type - DEBUG : exception
Traceback (most recent call last):
File "/srv/webvirtcloud/venv/local/lib/python2.7/site-packages/websockify/websockifyserver.py", line 691, in top_new_client
client = self.do_handshake(startsock, address)
File "/srv/webvirtcloud/venv/local/lib/python2.7/site-packages/websockify/websockifyserver.py", line 578, in do_handshake
context.load_cert_chain(certfile=self.cert, keyfile=self.key, password=self.key_password)
SSLError: [SSL] PEM lib (_ssl.c:2834)
2020-04-14 11:05:25,386 - websocket.type - DEBUG : Ignoring interrupted syscall

config: 
[program:novncd]
command=/srv/webvirtcloud/venv/bin/python /srv/webvirtcloud/console/novncd -- 
cert=/etc/nginx/ssl/self.pem --debug --verbose
directory=/srv/webvirtcloud
user=www-data
autostart=true
autorestart=true
 redirect_stderr=true

I have copied the signed cert to a file called /etc/nginx/ssl/self.pem

Nginx config: (this works fine for the main site, only console not working)

    ssl_certificate /etc/nginx/ssl/self.pem;
    ssl_certificate_key /etc/nginx/ssl/selfkey.key;

settings.py has been updated to reflect the DNS name

Websock public host

WS_PUBLIC_HOST = 'vm1.example.com'

What is the issue with NoVNC ??

Originally created by @james-watson-oxb on GitHub (Apr 14, 2020). Original GitHub issue: https://github.com/retspen/webvirtcloud/issues/307 Hi, I have NoVNC working on SSL using self-signed certs. However my problem comes when I use a signed cert, the signed cert is a wildcard cert for our corporate domain. This is the error in the NoVnc logs: root@vm1:/root# tail -f /var/log/supervisor/novncd-stdout---supervisor-Vb7vuE.log 2020-04-14 11:05:07,688 - websocket.type - INFO : WebSocket server settings: 2020-04-14 11:05:07,688 - websocket.type - INFO : - Listen on 0.0.0.0:6080 2020-04-14 11:05:07,688 - websocket.type - INFO : - SSL/TLS support 2020-04-14 11:05:07,688 - websocket.type - INFO : - proxying from 0.0.0.0:6080 to ignore:ignore 2020-04-14 11:05:25,366 - websocket.type - DEBUG : 10.32.60.38: new handler Process 2020-04-14 11:05:25,382 - websocket.type - INFO : handler exception: [SSL] PEM lib (_ssl.c:2834) 2020-04-14 11:05:25,382 - websocket.type - DEBUG : exception Traceback (most recent call last): File "/srv/webvirtcloud/venv/local/lib/python2.7/site-packages/websockify/websockifyserver.py", line 691, in top_new_client client = self.do_handshake(startsock, address) File "/srv/webvirtcloud/venv/local/lib/python2.7/site-packages/websockify/websockifyserver.py", line 578, in do_handshake context.load_cert_chain(certfile=self.cert, keyfile=self.key, password=self.key_password) SSLError: [SSL] PEM lib (_ssl.c:2834) 2020-04-14 11:05:25,386 - websocket.type - DEBUG : Ignoring interrupted syscall config: [program:novncd] command=/srv/webvirtcloud/venv/bin/python /srv/webvirtcloud/console/novncd -- cert=/etc/nginx/ssl/self.pem --debug --verbose directory=/srv/webvirtcloud user=www-data autostart=true autorestart=true redirect_stderr=true I have copied the signed cert to a file called /etc/nginx/ssl/self.pem Nginx config: (this works fine for the main site, only console not working) ssl_certificate /etc/nginx/ssl/self.pem; ssl_certificate_key /etc/nginx/ssl/selfkey.key; settings.py has been updated to reflect the DNS name # Websock public host WS_PUBLIC_HOST = 'vm1.example.com' What is the issue with NoVNC ??
kerem closed this issue 2026-02-27 15:57:44 +03:00
kerem commented 2026-02-27 15:57:44 +03:00
Author
Owner
Copy link

@james-watson-oxb commented on GitHub (Apr 14, 2020):

I had to edit the file:/srv/webvirtcloud/venv/local/lib/python2.7/site-packages/websockify/websockifyserver.py

In here I needed to change the code of how the keyfile is being set

<!-- gh-comment-id:613393596 --> @james-watson-oxb commented on GitHub (Apr 14, 2020): I had to edit the file:/srv/webvirtcloud/venv/local/lib/python2.7/site-packages/websockify/websockifyserver.py In here I needed to change the code of how the keyfile is being set
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.0
Labels
Clear labels   
bug

   
enhancement

   
pull-request

Mirrored from GitHub Pull Request

No labels
bug
enhancement
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/webvirtcloud#204
No description provided.