SPICE unable to connect graphic server HTTP proxy connection failed: 401

O

Offf256

Renowned Member
Feb 18, 2014
20
7
68
I have kinda weird problem on freshly installed PVE (latest 7.2) cluster.
I can access SPICE console ONLY on first installed host (pve01 where I also created cluster).
All other nodes give SPICE unable to connect graphic server HTTP proxy connection failed: 401
Nothing special in logs at first glance. NoVNC workin tho, both SPICE and VirtIO GPU modes.
But what is so special in "first installed node" ? P.S. VM is absolutley the same. Everything same.
 
can the nodes connect to each other with ssh (without password prompt)?
can they connect to each other via port 3128 ? (spice proxy)

on which node do you connect to (in the browser)?
 
dcsapak said:
can the nodes connect to each other with ssh (without password prompt)?
can they connect to each other via port 3128 ? (spice proxy)

on which node do you connect to (in the browser)?
Click to expand...
Detected some "offending keys". Now fixed. Also this gave me an idea. Could it be "self signed cert" that offends.
Because further testing revealed, YES - I can access SPICE console on VMs that are located on the same host I am connected to.
node 1 - https://node1:8006 > SPICE available
node 2 - https://node2:8006 > SPICE available
... etc ...
I will order correct certificate instead of self-signed one and test this theory further.
 
Generated a SAN certificate with all the nodes and "general" name on it.
imported certificate. No errors. Of course our internal CA is trusted as authority both in client OS and client chrome.
No it behaves even MORE mysteriously.
2 nodes (1,4) have spice console available no matter what name I use to connect.
2 nodes (2 and 3 namely) have SPICE console available only and only IF I connect to aforementioned node specifically.
Otherwise "proxy error" 401. Could not detect any differences. All 4 nodes have exact same cert.
 
You must log in or register to reply here.
Top Bottom