deploying to 1.0.2 to live environment fails in safari
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | juju-gui |
High
|
Unassigned | ||
| | juju-gui (Juju Charms Collection) |
High
|
Unassigned | ||
Bug Description
When you deploy to a live environment and attempt to load the page in safari you get a ton of errors in the console and the GUI never moves past the 'connecting to environment'.
This revolves around the ssl warning that safari presents. Even if you continue, there's an issue and safari will not allow the web socket connection.
If you instead click on the "show certificiate" link during the safari warning, you have a checkbox for "always trust juju.ubuntu.com" and if you check that box and THEN continue, everything works.
We need to see what's the connection with juju.ubuntu.com and how to enable a more seamless safari experience.
This might need to be around the self signed cert generation in the charm. Marking this bug on both ends until it's diagnosed.
| Changed in juju-gui (Juju Charms Collection): | |
| status: | New → Triaged |
| importance: | Undecided → High |
| Jay R. Wren (evarlast) wrote : | #1 |
| Jay R. Wren (evarlast) wrote : | #2 |
Great, now the "always trust" checkbox IS in my safari, and it does work.
I examined the self signed cert, and it really is self signed. I don't think there is much more we can do. This is no different than the "Privacy error/Your connection is not private" message in chrome.
About the only change I can think of which might make things less confusing is changing the CN of the certificate from juju.ubuntu.com to something like "your-jujugui.
| Jay R. Wren (evarlast) wrote : | #3 |
http://
chrome console reports
GET https:/
for many things.
| Richard Harding (rharding) wrote : | #4 |
Thanks for the research Jay. I think that makes sense to remove the juju.ubuntu.com to something from the host.
We should also file a bug on the Juju GUI. The GUI can try to help out by providing instructions on the loading page if it's unable to connect and knows it's on safari. Hopefully that will help users help themselves to find the very hidden buttons.
The other thing we can look at suggesting is that users use a non-ssl connection, which is an option on the charm.
| Jay R. Wren (evarlast) wrote : | #5 |
Learning how safari works here...
If you click continue, that first time, without clicking Show Certificate, things fail, and the work around is one of two things:
1. Restart safari and this time click Show Certificate and check the Always trust checkbox
or
2. Follow the directions for importing to Keychain http://
| Jay R. Wren (evarlast) wrote : | #6 |
GUI notification moved to this bug: https:/
CN renamed to avoid confusion and committed rev94: https:/
| Changed in juju-gui: | |
| status: | Triaged → Fix Committed |
| Changed in juju-gui (Juju Charms Collection): | |
| status: | Triaged → Fix Committed |
| Changed in juju-gui: | |
| status: | Fix Committed → Fix Released |
| Changed in juju-gui (Juju Charms Collection): | |
| status: | Fix Committed → Fix Released |
Mavricks got rid of that checkbox, so these directions have to be followed for a workaround: http://