[virt-tools-list] TLC Connection Issues with VNC

[Gregg Stock]

I'm having no luck getting TLS working with VNC. I was able to get TLS 
setup with virt-manager so I can see the virtual machines but when I 
double click on the guest, the window pops up but it says "Error: viewer 
connection to hypervisor host got refused or disconnected!" . I've tried 
several vnc viewers but no luck. I followed 
http://wiki.libvirt.org/page/VNCTLSSetup to add get the cert file paths 
for vnc.

 From what I could gather, it is likely a CN name issue. My server has 
several interfaces that are all resolvable through dns. I use dnsmasq to 
expand the domain.

The hostname returns "myserver" and I want to connect as a non-root user 
to "myserver.lan". I created the certs with CN as myserver.lan.

When I start virt-manager I get the following warning:

warning : virNetTLSContextCheckCertKeyUsage:272 : Certificate [session] 
usage does not permit key encipherment

With the GUI, I don't see anything in /var/log/messages.

If I use the command line and issue

virt-viewer  -c quem+tls://user@myserver.lan/system  guest

I'm getting the following error messages on the server.

Jul 15 18:26:05 butthead libvirtd: 25366: warning : 
virNetTLSContextCheckCertKeyUsage:272 : Certificate [session] usage does 
not permit key encipherment
Jul 15 18:26:05 butthead libvirtd: 25368: error : do_open:1192 : no 
connection driver available for No connection for URI quem:///system
Jul 15 18:26:05 butthead libvirtd: 25366: error : 
virNetSocketReadWire:1176 : Cannot recv data: Input/output error

Thanks in advance for any ideas on how to track this down.