[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Trying to debug VMware console connection block

Nathan,

There appears to be a CA problem connecting with https:// on 8333. I'm able to connect with http:// on 8222, but not reliably. I'm able to log onto the console, but not always to the guest OS. As soon as I can get back in, I'm copying the old TurboTax files to a thumb drive and moving them to a physical Windows 7 installation. This is just too scary with April 15 just around the corner.

--Doc

On Sat, 2010-04-10 at 22:46 -0500, Nathan Nutter wrote: 
Doc,

So what is the problem that remains with SSL? Your 'curl -k -v
https://127.0.0.1:8333' output looks fine given that curl doesn't
support JavaScript. The -k is expected as the cert is not signed by a
CA and the equivalent in Firefox would be to add a security exception
when prompted.

Regards,
Nathan *Nutter*

On Sat, Apr 10, 2010 at 9:54 PM, Robert G. (Doc) Savage
<dsavage@peaknet.net> wrote:
>
> On Sat, 2010-04-10 at 21:00 -0400, Nathaniel R. Reindl wrote:
>
> On Sat, Apr 10, 2010 at 8:47 PM, Robert G. (Doc) Savage
> <dsavage@peaknet.net> wrote:
>> Looks rather like the outut of 'iptables -L -v', doesn't it?
>
> In a sense, yes, but I'm asking for this specifically to see if
> iptables is actually acknowledging any parameters that wouldn't show
> up by way of `iptables -L -v`.  It doesn't look to be the case.
>
> Have you confirmed yet that you have something that matches
> 127.0.0.1:8333 when you examine the output from `netstat -l -Ainet`?
> If so, try beating against the thing with cURL or similar to see if
> it's the HTTP side of the world causing you this grief.  Something
> like `curl -v http://127.0.0.1:8333/` or `curl --trace-ascii -
> http://127.0.0.1:8333/` might work.
>
> Nate,
>
> Now comes the fun part. VMware's console connection to port 8333 is https;
> its http connections are supposed to use port 8222.
>
> First, curl for the https port: See https-attach-1.txt
>
> Following this advisory I add the -k option: See https-attach-1k.txt
>
> The http case has no certificate problem, but it still fusses about
> Javascript: See http-attach-1.txt
>
> Interestingly enough, I can actually connect to the console user interface
> with http://127.0.0.1:8222. That's not quite the same as being able to
> access any of the installed virtual machines. After combing through the
> wreckage for the last hour I think I've found and fixed most of the
> configuration loose ends. I can connect to the Windows XP virtual machine
> that has my last year's TurboTax files, but not using the https console. The
> patient is alive, but not yet ready to run the 100 meters.
>
> --Doc