Hi, I believe I have configured the console proxy correctly but I'd like to verify the console proxy is using my wildcard certificate. When I loaded the wildcard cert, root, and sub root, key, etc. through the CS portal I got a "succeed" message and the system vms reloaded, but the console isn't loading.
How can I verify the Console VM is using my custom wildcard cert? Is it an openssl command or a mysql query? What logs should I be looking for an error message as to why my console window is blank? The public IP of the console proxy vm is in DNS and resolves. The management log shows that the url is being provided but again just a blank window. 2020-12-08 11:21:58,424 DEBUG [c.c.s.ConsoleProxyServlet] (qtp1497845528-16:null) (logid:) Compose console url: http://<I-P.domain.name>/ajax?token=mORLUQO3R5lrOdIrRZsozUg2LnLTx5jGtgJnhHRX_-1WmlyxDZzQsaZ7nmuU_KFpd9egjZtkx74ftae3wUpF2IdvRKy7HlYodQBtQf9ldJvZhYNr1GOnxWJYZAAxTPatkVhbVg9Q9gJqFVXB5ebphg1MyGzktZgu6I5VwweGtH2tJcBFqOeUH7utMAzOeGdQW6RXZXi3HWjUSnWs4AzxwX53yFGiS1nOB2lCqAkz8-PUkx7qvfDFkxLEs6iVYTNTaowejHS13_yHeSf7t_xQFkXs1MeQNqEUcBAFaevWbSg&guest=windows 2020-12-08 11:21:58,424 DEBUG [c.c.s.ConsoleProxyServlet] (qtp1497845528-16:null) (logid:) the console url is :: <html><title>CV-Oct14-T20</title><frameset><frame src="http://<I-P.domain.name>//ajax?token=mORLUQO3R5lrOdIrRZsozUg2LnLTx5jGtgJnhHRX_-1WmlyxDZzQsaZ7nmuU_KFpd9egjZtkx74ftae3wUpF2IdvRKy7HlYodQBtQf9ldJvZhYNr1GOnxWJYZAAxTPatkVhbVg9Q9gJqFVXB5ebphg1MyGzktZgu6I5VwweGtH2tJcBFqOeUH7utMAzOeGdQW6RXZXi3HWjUSnWs4AzxwX53yFGiS1nOB2lCqAkz8-PUkx7qvfDFkxLEs6iVYTNTaowejHS13_yHeSf7t_xQFkXs1MeQNqEUcBAFaevWbSg&guest=windows"></frame></frameset></html> From: Corey, Mike <[email protected]> Sent: Monday, December 7, 2020 12:02 PM To: [email protected] Subject: [CAUTION] Console Proxy on VMware ESXi? Hi, Is there still a requirement to modify the ESXi firewall for VM console proxy? Documented process is for older version so I wasn't sure if it was still relevant for ESXi 6.5 and 6.7+. I ask because when I launch the VM proxy I just get a blank window. Any ideas on how I can troubleshoot? Extend Port Range for CloudStack Console Proxy (Applies only to VMware vSphere version 4.x) You need to extend the range of firewall ports that the console proxy works with on the hosts. This is to enable the console proxy to work with VMware-based VMs. The default additional port range is 59000-60000. To extend the port range, log in to the VMware ESX service console on each host and run the following commands: esxcfg-firewall -o 59000-60000,tcp,in,vncextras esxcfg-firewall -o 59000-60000,tcp,out,vncextras Thanks! Mike Mike Corey Technology Senior Consultant, IT CS CTW Operation & Virtualization Service US SAP AMERICA, INC. 3999 West Chester Pike, Newtown Square, 19073 United States T +1 610 661 0905, M +1 484 274 2658, E [email protected]<mailto:[email protected]> [cid:[email protected]]
