[lxc-users] What is the best way to report bug issues with LXD rest server?

Janjaap Bos janjaapbos at gmail.com
Sat May 23 20:24:37 UTC 2015


Try removing the trailing / from the url.

2015-05-23 22:17 GMT+02:00 Kevin LaTona <lists at studiosola.com>:

>
>  add local sends back an error
>
> root at kev:/home/kev# lxc remote add local 192.168.0.50:8443
>
> error: remote local exists as <unix:///var/lib/lxd/unix.socket>
>
>
>
>
> running just wget ( I've not used wget before )  so I am not sure how or
> if it's possible to send in the host name now or ??
>
>
>
>
> root at kev:~/.config/lxc# wget --no-check-certificate
> https://192.168.0.50:8443/1.0/ --certificate=client.crt
> --private-key=client.key -O - -v
>
> --2015-05-23 13:12:13--  https://192.168.0.50:8443/1.0/
>
> Connecting to 192.168.0.50:8443... connected.
> WARNING: cannot verify 192.168.0.50's certificate, issued by ‘O=
> linuxcontainer.org’:
>   Unable to locally verify the issuer's authority.
>     WARNING: certificate common name ‘’ doesn't match requested host name
> ‘192.168.0.50’.
> HTTP request sent, awaiting response... 404 Not Found
> 2015-05-23 13:12:13 ERROR 404: Not Found.
>
>
>
> Sounds like LXD server is working for you….. but still no idea why it's
> not for me yet.
>
>
> -Kevin
>
>
>
>
> On May 23, 2015, at 12:26 PM, Janjaap Bos <janjaapbos at gmail.com> wrote:
>
> Remove the /finger from the url given in the example, as that is no longer
> a published service.
>
> This is from OSX, using wget.
>
> wget --no-check-certificate https://myhost:8443/1.0 --certificate=client.crt
> --private-key=client.key -O - -q
>
>
> {"type":"sync","status":"Success","status_code":200,"metadata":{"api_compat":1,"auth":"trusted","config":{"trust-password":true},"environment":{"backing_fs":"ext4","driver":"lxc","kernel_version":"3.16.0-37-generic","lxc_version":"1.1.0","lxd_version":"0.9"}}}
>
>
> 2015-05-23 21:16 GMT+02:00 Janjaap Bos <janjaapbos at gmail.com>:
>
>> Before trying at OSX, make sure it works on your LXD host.
>>
>> Follow the steps for hacking on:
>>
>> https://github.com/lxc/lxd
>>
>> It works for me.
>> Hacking
>>
>> Sometimes it is useful to view the raw response that LXD sends; you can
>> do this by:
>>
>> lxc config set password foo
>> lxc remote add local 127.0.0.1:8443
>> wget --no-check-certificate https://127.0.0.1:8443/1.0/finger --certificate=$HOME/.config/lxc/client.crt --private-key=$HOME/.config/lxc/client.key -O - -q
>>
>>
>>
>> 2015-05-23 21:13 GMT+02:00 Kevin LaTona <lists at studiosola.com>:
>>
>>>
>>>
>>> I noticed I did not run the lxc config trust add client.crt call as
>>> suggested earlier.
>>>
>>> So I
>>>
>>> cd
>>> /root/.config/lxc
>>>
>>> lxc config trust add client.crt
>>>
>>>
>>> then
>>>
>>> lxc config trust list
>>>
>>> and got to finger prints back
>>>
>>>
>>>
>>> Next ran
>>>
>>>
>>> curl -v -k https://192.168.0.50:8443/1.0/images
>>>
>>> * Hostname was NOT found in DNS cache
>>> *   Trying 192.168.0.50...
>>> * Connected to 192.168.0.50 (192.168.0.50) port 8443 (#0)
>>> * successfully set certificate verify locations:
>>> *   CAfile: none
>>>   CApath: /etc/ssl/certs
>>> * SSLv3, TLS handshake, Client hello (1):
>>> * SSLv3, TLS handshake, Server hello (2):
>>> * SSLv3, TLS handshake, CERT (11):
>>> * SSLv3, TLS handshake, Server key exchange (12):
>>> * SSLv3, TLS handshake, Request CERT (13):
>>> * SSLv3, TLS handshake, Server finished (14):
>>> * SSLv3, TLS handshake, CERT (11):
>>> * SSLv3, TLS handshake, Client key exchange (16):
>>> * SSLv3, TLS change cipher, Client hello (1):
>>> * SSLv3, TLS handshake, Finished (20):
>>> * SSLv3, TLS alert, Server hello (2):
>>> * error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
>>> * Closing connection 0
>>> curl: (35) error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
>>> certificate
>>>
>>>
>>> root at c5:~#
>>>
>>>
>>>
>>>
>>> Unless I am missing another config step here.
>>>
>>> Sure looks like the LDX image server is sending out bad certs into the
>>> wild.
>>>
>>>
>>> -Kevin
>>> _______________________________________________
>>> lxc-users mailing list
>>> lxc-users at lists.linuxcontainers.org
>>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>>
>>
>>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150523/bb531869/attachment.html>


More information about the lxc-users mailing list