On May 23, 2015, at 1:24 PM, Janjaap Bos <janjaap...@gmail.com> wrote:
> Try removing the trailing / from the url. Got error message again. > > 2015-05-23 22:17 GMT+02:00 Kevin LaTona <li...@studiosola.com>: > > add local sends back an error > > root@kev:/home/kev# lxc remote add local 192.168.0.50:8443 > > error: remote local exists as <unix:///var/lib/lxd/unix.socket> > > > > > running just wget ( I've not used wget before ) so I am not sure how or if > it's possible to send in the host name now or ?? > > > > > root@kev:~/.config/lxc# wget --no-check-certificate > https://192.168.0.50:8443/1.0/ --certificate=client.crt > --private-key=client.key -O - -v > > --2015-05-23 13:12:13-- https://192.168.0.50:8443/1.0/ > > Connecting to 192.168.0.50:8443... connected. > WARNING: cannot verify 192.168.0.50's certificate, issued by > ‘O=linuxcontainer.org’: > Unable to locally verify the issuer's authority. > WARNING: certificate common name ‘’ doesn't match requested host name > ‘192.168.0.50’. > HTTP request sent, awaiting response... 404 Not Found > 2015-05-23 13:12:13 ERROR 404: Not Found. > > > > Sounds like LXD server is working for you….. but still no idea why it's not > for me yet. > > > -Kevin > > > > > On May 23, 2015, at 12:26 PM, Janjaap Bos <janjaap...@gmail.com> wrote: > >> Remove the /finger from the url given in the example, as that is no longer a >> published service. >> >> This is from OSX, using wget. >> >> wget --no-check-certificate https://myhost:8443/1.0 --certificate=client.crt >> --private-key=client.key -O - -q >> >> {"type":"sync","status":"Success","status_code":200,"metadata":{"api_compat":1,"auth":"trusted","config":{"trust-password":true},"environment":{"backing_fs":"ext4","driver":"lxc","kernel_version":"3.16.0-37-generic","lxc_version":"1.1.0","lxd_version":"0.9"}}} >> >> >> 2015-05-23 21:16 GMT+02:00 Janjaap Bos <janjaap...@gmail.com>: >> Before trying at OSX, make sure it works on your LXD host. >> >> Follow the steps for hacking on: >> >> https://github.com/lxc/lxd >> >> It works for me. >> Hacking >> >> Sometimes it is useful to view the raw response that LXD sends; you can do >> this by: >> >> lxc config set password foo >> lxc remote add local 127.0.0.1:8443 >> wget --no-check-certificate https://127.0.0.1:8443/1.0/finger >> --certificate=$HOME/.config/lxc/client.crt >> --private-key=$HOME/.config/lxc/client.key -O - -q >> >> >> 2015-05-23 21:13 GMT+02:00 Kevin LaTona <li...@studiosola.com>: >> >> >> I noticed I did not run the lxc config trust add client.crt call as >> suggested earlier. >> >> So I >> >> cd >> /root/.config/lxc >> >> lxc config trust add client.crt >> >> >> then >> >> lxc config trust list >> >> and got to finger prints back >> >> >> >> Next ran >> >> >> curl -v -k https://192.168.0.50:8443/1.0/images >> >> * Hostname was NOT found in DNS cache >> * Trying 192.168.0.50... >> * Connected to 192.168.0.50 (192.168.0.50) port 8443 (#0) >> * successfully set certificate verify locations: >> * CAfile: none >> CApath: /etc/ssl/certs >> * SSLv3, TLS handshake, Client hello (1): >> * SSLv3, TLS handshake, Server hello (2): >> * SSLv3, TLS handshake, CERT (11): >> * SSLv3, TLS handshake, Server key exchange (12): >> * SSLv3, TLS handshake, Request CERT (13): >> * SSLv3, TLS handshake, Server finished (14): >> * SSLv3, TLS handshake, CERT (11): >> * SSLv3, TLS handshake, Client key exchange (16): >> * SSLv3, TLS change cipher, Client hello (1): >> * SSLv3, TLS handshake, Finished (20): >> * SSLv3, TLS alert, Server hello (2): >> * error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate >> * Closing connection 0 >> curl: (35) error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad >> certificate >> >> >> root@c5:~# >> >> >> >> >> Unless I am missing another config step here. >> >> Sure looks like the LDX image server is sending out bad certs into the wild. >> >> >> -Kevin >> _______________________________________________ >> lxc-users mailing list >> lxc-users@lists.linuxcontainers.org >> http://lists.linuxcontainers.org/listinfo/lxc-users >> >> >> _______________________________________________ >> lxc-users mailing list >> lxc-users@lists.linuxcontainers.org >> http://lists.linuxcontainers.org/listinfo/lxc-users > > > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users > > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
