[lxc-users] What is the best way to report bug issues with LXD rest server?

Janjaap Bos janjaapbos at gmail.com
Sat May 23 19:26:41 UTC 2015 

Remove the /finger from the url given in the example, as that is no longer
a published service.

This is from OSX, using wget.

wget --no-check-certificate https://myhost:8443/1.0 --certificate=client.crt
--private-key=client.key -O - -q

{"type":"sync","status":"Success","status_code":200,"metadata":{"api_compat":1,"auth":"trusted","config":{"trust-password":true},"environment":{"backing_fs":"ext4","driver":"lxc","kernel_version":"3.16.0-37-generic","lxc_version":"1.1.0","lxd_version":"0.9"}}}


2015-05-23 21:16 GMT+02:00 Janjaap Bos <janjaapbos at gmail.com>:

> Before trying at OSX, make sure it works on your LXD host.
>
> Follow the steps for hacking on:
>
> https://github.com/lxc/lxd
>
> It works for me.
> Hacking
>
> Sometimes it is useful to view the raw response that LXD sends; you can do
> this by:
>
> lxc config set password foo
> lxc remote add local 127.0.0.1:8443
> wget --no-check-certificate https://127.0.0.1:8443/1.0/finger --certificate=$HOME/.config/lxc/client.crt --private-key=$HOME/.config/lxc/client.key -O - -q
>
>
>
> 2015-05-23 21:13 GMT+02:00 Kevin LaTona <lists at studiosola.com>:
>
>>
>>
>> I noticed I did not run the lxc config trust add client.crt call as
>> suggested earlier.
>>
>> So I
>>
>> cd
>> /root/.config/lxc
>>
>> lxc config trust add client.crt
>>
>>
>> then
>>
>> lxc config trust list
>>
>> and got to finger prints back
>>
>>
>>
>> Next ran
>>
>>
>> curl -v -k https://192.168.0.50:8443/1.0/images
>>
>> * Hostname was NOT found in DNS cache
>> *   Trying 192.168.0.50...
>> * Connected to 192.168.0.50 (192.168.0.50) port 8443 (#0)
>> * successfully set certificate verify locations:
>> *   CAfile: none
>>   CApath: /etc/ssl/certs
>> * SSLv3, TLS handshake, Client hello (1):
>> * SSLv3, TLS handshake, Server hello (2):
>> * SSLv3, TLS handshake, CERT (11):
>> * SSLv3, TLS handshake, Server key exchange (12):
>> * SSLv3, TLS handshake, Request CERT (13):
>> * SSLv3, TLS handshake, Server finished (14):
>> * SSLv3, TLS handshake, CERT (11):
>> * SSLv3, TLS handshake, Client key exchange (16):
>> * SSLv3, TLS change cipher, Client hello (1):
>> * SSLv3, TLS handshake, Finished (20):
>> * SSLv3, TLS alert, Server hello (2):
>> * error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
>> * Closing connection 0
>> curl: (35) error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
>> certificate
>>
>>
>> root at c5:~#
>>
>>
>>
>>
>> Unless I am missing another config step here.
>>
>> Sure looks like the LDX image server is sending out bad certs into the
>> wild.
>>
>>
>> -Kevin
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150523/defd47e9/attachment.html>

More information about the lxc-users mailing list