VMware websocket console for ESXI node
I am trying to configure a website for serving a websocket console to vcenter managed virtual machines.
I have a vcenter server, several esxi servers behind it, a linux + apache virtual machine with html + js for the console code, and a windows virtual machine that stands inside the same network, used to access the web application served by the linux virtual machine.
It goes something like this:
When I open the browser in the windows vm, I get an error saying
ERR_SSL_PROTOCOL_ERROR, generated by the websocket connection. I think this might be related to ssl misconfiguration on a part of this setup, but I have tried configuring them everywhere and to no avail until now. You are supposed to install the vcenter certificates as a trusted root to get this to work, but I have done (or tried to do) that, but the problem remains. I have tried configuring the certificates in the windows machine, by using mmc or importing the certificate in internet explorer, I have tried installing the certificates in the linux web application VM, I have tried everything regarding certificate installation that I can think of, using different methods.
There are 3 things that come to mind:
1 - I am trying to install the certificates in the wrong place
2 - I am doing the certificate installation wrong
3 - The error actually means something else and I am barking at the wrong tree
Regarding #1 and #2 - I have tried in the windows vm through MMC and Internet explorer, importing the certificates into the trusted root for the local machine. Should I do this differently? On the Linux web application VM, it is a centos machine and I tried importing this into the trusted certificates of the machine and updating the trusted certificates. Should I be installing this in a different place? Where and how should I install this, and how can I assess whether or not the installation is done correctly? Is there a way to validate this inside the linux VM or windows VM afterwards, to confirm the process worked as expected?
Regarding #3 - Is the error misleading, am I trying to fix something when I should be looking elsewhere? Is there a way to debug or backtrack this, either through google console, through a packet sniffer in the windows machine, through logs in the linux vm or elsewhere, so I can try to understand where in the chain something is failing?