[lxc-users] What is the best way to report bug issues with LXD rest server?

Kevin LaTona lists at studiosola.com
Sat May 23 20:17:55 UTC 2015 

 add local sends back an error

root at kev:/home/kev# lxc remote add local 192.168.0.50:8443

error: remote local exists as <unix:///var/lib/lxd/unix.socket>




running just wget ( I've not used wget before )  so I am not sure how or if it's possible to send in the host name now or ??




root at kev:~/.config/lxc# wget --no-check-certificate https://192.168.0.50:8443/1.0/ --certificate=client.crt --private-key=client.key -O - -v

--2015-05-23 13:12:13--  https://192.168.0.50:8443/1.0/

Connecting to 192.168.0.50:8443... connected.
WARNING: cannot verify 192.168.0.50's certificate, issued by ‘O=linuxcontainer.org’:
  Unable to locally verify the issuer's authority.
    WARNING: certificate common name ‘’ doesn't match requested host name ‘192.168.0.50’.
HTTP request sent, awaiting response... 404 Not Found
2015-05-23 13:12:13 ERROR 404: Not Found.



Sounds like LXD server is working for you….. but still no idea why it's not for me yet.


-Kevin




On May 23, 2015, at 12:26 PM, Janjaap Bos <janjaapbos at gmail.com> wrote:

> Remove the /finger from the url given in the example, as that is no longer a published service.
> 
> This is from OSX, using wget. 
> 
> wget --no-check-certificate https://myhost:8443/1.0 --certificate=client.crt --private-key=client.key -O - -q
> 
> {"type":"sync","status":"Success","status_code":200,"metadata":{"api_compat":1,"auth":"trusted","config":{"trust-password":true},"environment":{"backing_fs":"ext4","driver":"lxc","kernel_version":"3.16.0-37-generic","lxc_version":"1.1.0","lxd_version":"0.9"}}}
> 
> 
> 2015-05-23 21:16 GMT+02:00 Janjaap Bos <janjaapbos at gmail.com>:
> Before trying at OSX, make sure it works on your LXD host.
> 
> Follow the steps for hacking on:
> 
> https://github.com/lxc/lxd
> 
> It works for me.
> Hacking
> 
> Sometimes it is useful to view the raw response that LXD sends; you can do this by:
> 
> lxc config set password foo
> lxc remote add local 127.0.0.1:8443
> wget --no-check-certificate https://127.0.0.1:8443/1.0/finger --certificate=$HOME/.config/lxc/client.crt --private-key=$HOME/.config/lxc/client.key -O - -q
> 
> 
> 2015-05-23 21:13 GMT+02:00 Kevin LaTona <lists at studiosola.com>:
> 
> 
> I noticed I did not run the lxc config trust add client.crt call as suggested earlier.
> 
> So I
> 
> cd
> /root/.config/lxc
> 
> lxc config trust add client.crt
> 
> 
> then
> 
> lxc config trust list
> 
> and got to finger prints back
> 
> 
> 
> Next ran
> 
> 
> curl -v -k https://192.168.0.50:8443/1.0/images
> 
> * Hostname was NOT found in DNS cache
> *   Trying 192.168.0.50...
> * Connected to 192.168.0.50 (192.168.0.50) port 8443 (#0)
> * successfully set certificate verify locations:
> *   CAfile: none
>   CApath: /etc/ssl/certs
> * SSLv3, TLS handshake, Client hello (1):
> * SSLv3, TLS handshake, Server hello (2):
> * SSLv3, TLS handshake, CERT (11):
> * SSLv3, TLS handshake, Server key exchange (12):
> * SSLv3, TLS handshake, Request CERT (13):
> * SSLv3, TLS handshake, Server finished (14):
> * SSLv3, TLS handshake, CERT (11):
> * SSLv3, TLS handshake, Client key exchange (16):
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv3, TLS handshake, Finished (20):
> * SSLv3, TLS alert, Server hello (2):
> * error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
> * Closing connection 0
> curl: (35) error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
> 
> 
> root at c5:~#
> 
> 
> 
> 
> Unless I am missing another config step here.
> 
> Sure looks like the LDX image server is sending out bad certs into the wild.
> 
> 
> -Kevin
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
> 
> 
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150523/e49c2d5e/attachment.html>

More information about the lxc-users mailing list