[virt-tools-list] TLC Connection Issues with VNC

Gregg Stock gregg at damagecontrolusa.com
Wed Jul 17 07:40:13 UTC 2013 

I recreated the keys and had some success. I got rid of the "usage does 
not permit key encipherment" message,  Virt-Manager still shows the 
virtual machines and I can connect fine with vinagre but I'm still 
having problems with virt-viewer and the Virtual-Machine manager console

When I try to open a console from Virt-Manager, here is what I get from 
log in ~/.virt-manager

[Tue, 16 Jul 2013 21:50:06 virt-manager 4642] DEBUG (details:535) 
Showing VM details: <vmmDomain object at 0x9d410cc 
(virtManager+domain+vmmDomain at 0xa335190)>
[Tue, 16 Jul 2013 21:50:06 virt-manager 4642] DEBUG (engine:471) window 
counter incremented to 4
[Tue, 16 Jul 2013 21:50:06 virt-manager 4642] DEBUG (console:1075) 
Starting connect process for proto=vnc trans=tls connhost=192.168.8.11 
connuser=bob connport=5903 gaddr=192.168.8.11 gport=5903 gsocket=None
[Tue, 16 Jul 2013 21:50:06 virt-manager 4642] DEBUG (console:340) Got 
credential request <enum VNC_CONNECTION_CREDENTIAL_CLIENTNAME of type 
VncConnectionCredential>
[Tue, 16 Jul 2013 21:50:06 virt-manager 4642] DEBUG (console:958) Viewer 
disconnected
[Tue, 16 Jul 2013 21:50:09 virt-manager 4642] DEBUG (details:552) 
Closing VM details: <vmmDomain object at 0x9d410cc 
(virtManager+domain+vmmDomain at 0xa335190)>
[Tue, 16 Jul 2013 21:50:09 virt-manager 4642] DEBUG (engine:475) window 
counter decremented to 3


With virt-viewer I get the following on the client

Opening connection to libvirt with URI qemu+tls://bob@host.lan/system
Guest bunny is running, determining display
Guest bunny has a vnc display
Opening direct TCP connection to display at 192.168.8.11:5903
Guest bunny display has disconnected, shutting down

On the server, I get the following in /var/log/messages

  libvirtd: 29338: error : virNetSocketReadWire:1176 : Cannot recv data: 
Input/output error


On 7/16/2013 6:26 AM, Daniel P. Berrange wrote:
> On Mon, Jul 15, 2013 at 06:28:35PM -0700, Gregg Stock wrote:
>> warning : virNetTLSContextCheckCertKeyUsage:272 : Certificate
>> [session] usage does not permit key encipherment
> This says you've created and/or configured bad certificates.
>
> Per the instructions here:
>
>    http://libvirt.org/remote.html#Remote_certificates
>
> The key usage extension for the client/server certs must include
>
>    encryption_key
>    signing_key
>
> Or the key usage should be omitted. This error says you have some other
> key usage set when creating the certs.
>
> Daniel

More information about the virt-tools-list mailing list