13:02:12 <alinefm> #startmeeting 13:02:13 <kimchi-bot> Meeting started Wed Dec 3 13:02:12 2014 UTC. The chair is alinefm. Information about MeetBot at http://wiki.debian.org/MeetBot. 13:02:13 <kimchi-bot> Useful Commands: #action #agreed #help #info #idea #link #topic. 13:02:13 <alinefm> #meetingname scrum 13:02:13 <kimchi-bot> The meeting name has been set to 'scrum' 13:02:23 <alinefm> #info Agenda 1) Status 2) Open discussion 13:02:24 <alinefm> anything else? 13:02:33 <royce> good for me 13:02:52 <YuXin> #info YuXin Test on iPad(afari+chrome) 13:03:05 <alinefm> #topic Status 13:03:05 <alinefm> #info Please provide your status using the #info command: #info <nickname> <status> 13:03:15 <wenwang> #info wenwang tested kimchi on IE 13:03:25 <alinefm> #info alinefm tagged 1.4.0-rc1 and updated ChangeLog, Version and po files 13:03:32 <vianac> #info vianac tested Kimchi 1.4.0-rc1 on Fedora 20 and opened bugs 13:03:32 <wenwang> #info wenwang reported related bugs 13:03:38 <alinefm> #info alinefm sent patch to update RHEL7 information on README 13:03:49 <royce> #info royce tested on Ubuntu 14.10, found some bugs related to build, testcases 13:04:28 <royce> #info royce sent patch for pep8, testcase, now working on fixing ldap authentication bugs 13:06:12 <alinefm> from the test matrix we still have a lot of tests to do: https://github.com/kimchi-project/kimchi/wiki/Testing-1.4 13:06:37 <alinefm> in one week we will start the hard code freeze which means only critical bug fixes will be merged upstream 13:06:49 <Guest393> #info Simon test kimchi 1.4 on opensuse13.2 13:07:06 <alinefm> so it is really important to complete the tests by the end of the day tomorrow and then we focus on providing patches to the bugs open 13:07:12 <alinefm> does that make sense? 13:08:07 <royce> Got it 13:08:25 <alinefm> if we complete the tests tomorrow we have only *one week* to focus on bug fixes 13:08:40 <alinefm> vianac, Guest393, YuXin, wenwang, agree? 13:08:45 <wenwang> agree 13:09:00 <YuXin> alinefm, need one column for mobile 13:09:17 <YuXin> I mean in test matrix 13:09:31 <alinefm> YuXin, I can add one if you want 13:09:36 <YuXin> ok 13:09:41 <wenwang> alinefm: Also, for browsers, I remember we had it before 13:10:32 <alinefm> #action each test focal point will complete the test matrix by the end of the day tomorrow (12/04) 13:10:47 <alinefm> #action alinefm add columns to mobile and browser on test matrix 13:11:03 <wenwang> thanks alinefm 13:11:06 <alinefm> #info 1.4 hard code freeze starts in one week (12/10) 13:11:46 <alinefm> once we complete the tests, please, take as many bugs as you can to provide patches so we can get a stable version before 12/10 13:11:48 <alinefm> ok? 13:12:06 <YuXin> ok 13:12:07 <royce> OK 13:12:24 <alinefm> vianac, Guest393, wenwang ^ 13:12:30 <wenwang> ok 13:13:59 <alinefm> #topic Open Discussion 13:14:11 <alinefm> what are the topics for today? 13:14:38 <YuXin> alinefm, if I remember corrently, you have ever tired vnc console on mobile in last release? 13:15:03 <alinefm> YuXin, yeap - I tested on Android phones 13:15:24 <YuXin> the ssl certificate is manually imported, right? 13:15:24 <alinefm> on Android it works well as we don't have the cert issue there 13:15:36 <alinefm> nope 13:15:52 <YuXin> so all through brower? 13:15:52 <alinefm> you only need to manually import the cert for iOS phones/tablets 13:16:04 <alinefm> yeap 13:16:19 <YuXin> but the default cert of kimchi can not be imported into iPad as trusted 13:16:25 <alinefm> on Android you accept the cert in the same way you do on desktop browsers 13:16:38 <alinefm> YuXin, yeap - it is a known issue 13:17:01 <alinefm> for iOS devices the user must provide a trusted cert OR manually import the cert before access kimchi on browser 13:17:15 <YuXin> if leverage brower, the cert will not be imported on ipad, it is taken as ssl excpetion 13:17:57 <YuXin> if manually import(send the cert file as a mail attachment, then open cert from mail on ipad), the cert is still taken as untrusted on ipad 13:18:27 <YuXin> the cert file is created by kimchi, right? 13:18:31 <alinefm> really? I have read on some blogs that the manually import worked 13:18:52 <alinefm> YuXin, if the user does not provide one, kimchi generates one 13:18:54 <YuXin> seems like the 'issued to' attribute of the cert file has some problem 13:19:01 <wenwang> I encourtered this when using ipad too 13:19:32 <YuXin> alinefm, for current kimchi cert file, whether it is generated by kimchi? 13:20:12 <alinefm> YuXin, on kimchi.conf file you can specify you own cert file 13:20:24 <alinefm> if you don't specify it, Kimchi will generate one cert for you 13:20:40 <alinefm> and there is no way to change the way kimchi generate it to be trusted to iOS 13:20:59 <alinefm> to be a trusted cert we need to pay a cert assigner and it will no happen 13:21:01 <alinefm> *not 13:21:16 <YuXin> can you copy the command to generate cert file? I want to try if I can modify some params when generate cert file to make it work on iPad 13:23:07 <alinefm> YuXin, you can check sslcert.py 13:23:14 <YuXin> ok 13:23:19 <alinefm> but again, there is nothing we can do to solve it 13:24:07 <alinefm> if user want to use VNC on iOS devices he/she must provide a different SSL cert or import the non-trusted cert manually 13:24:54 <YuXin> the problem is that even manually import, not all cert file will be taken as trusted 13:25:16 <YuXin> so I want to get what a cert file can be manually imported as trusted on ipad 13:26:06 <YuXin> I will investigate all options when generating a cert file to see whether I can get a self-sighed cert file to be trusted on iPAD 13:26:19 <alinefm> YuXin, did you follow those references: http://lists.ovirt.org/pipermail/kimchi-devel/2014-August/006935.html ? 13:29:03 <YuXin> I guest it is not for iOS7 or iOS8 13:29:48 <alinefm> YuXin, what I remember is: once you accept the cert on browser you need to do a reset in the device to then import the cert manually 13:29:56 <alinefm> otherwise the manually import will not work 13:30:18 <YuXin> I got kimchi cert file on desktop, send the cert file to my mail box 13:30:22 <YuXin> as an attachement 13:30:43 <alinefm> and have you never accept the kimchi cert in your iOS device before it? 13:30:45 <YuXin> open my mailbox on iPad, open the cert file attachement with safari 13:31:17 <YuXin> then iOS ask me to import the cert file, there is no option about whether import it as trusted or not 13:31:53 <YuXin> then I continue to import, then check the cert file, it is marked as untrusted 13:33:08 <alinefm> YuXin, you need to install the cert instead of open it on Safari 13:33:14 <alinefm> https://blog.httpwatch.com/2013/12/12/five-tips-for-using-self-signed-ssl-certificates-with-ios/ 13:34:07 <YuXin> I checked this link today, and there is "It most cases the computer name will not match the intended host name and you end up with a self-signed certificate that is never trusted – even when it is added to iOS:" 13:34:45 <alinefm> YuXin, anyway, I think we should add those links to the troubleshooting section on README 13:35:01 <alinefm> and let user provide a different cert if he/she wants to use kimchi on iOS devices 13:35:45 <YuXin> if user can provide a trusted cert file signed offically, then it will must work 13:35:55 <alinefm> yeap 13:37:14 <YuXin> ok, I willl investigate more about whether there is a way to make a self-sighed cert file to be trusted in iPad 13:37:55 <alinefm> ok 13:38:50 <alinefm> any other topic? 13:39:14 <YuXin> alinefm, the distributions and versions on test matrix page are all kimchi supported? 13:39:25 <alinefm> YuXin, yes 13:39:29 <YuXin> ok 13:39:41 <YuXin> I have nothing more today 13:39:42 <alinefm> YuXin, kimchi supports the latest version of RHEL, Ubuntu, Fedora and OpenSUSE 13:39:54 <YuXin> ok 13:40:10 <wenwang> nothing from me 13:40:25 <alinefm> royce, vianac, Guest393, anything else? 13:40:50 <vianac> alinefm: no 13:41:56 <royce> nope 13:43:06 <alinefm> thanks everyone for joining! 13:43:13 <alinefm> #endmeeting