[libvirt] libvirtd ssl configuration
Daniel P. Berrange
berrange at redhat.com
Mon Feb 17 15:27:56 UTC 2014
On Mon, Feb 17, 2014 at 12:55:25AM +0400, Гусев Павел wrote:
> Hi!
> I found little semantics bug:
>
> [13:53:40] root at dedicated-04:~ # LC_ALL=C libvirtd -h
> libvirtd: invalid option -- 'h'
>
> Usage:
> libvirtd [options]
>
> Options:
> -v | --verbose Verbose messages.
> -d | --daemon Run as a daemon & write PID file.
> -l | --listen Listen for TCP/IP connections.
> -t | --timeout <secs> Exit after timeout period.
> -f | --config <file> Configuration file.
> | --version Display version information.
> -p | --pid-file <file> Change name of PID file.
>
> libvirt management daemon:
>
> Default paths:
>
> Configuration file (unless overridden by -f):
> /etc/libvirt/libvirtd.conf
>
> Sockets:
> /var/run/libvirt/libvirt-sock
> /var/run/libvirt/libvirt-sock-ro
>
> TLS:
> CA certificate: /etc/pki/CA/caert.pem
> Server certificate: /etc/pki/libvirt/servercert.pem
> Server private key: /etc/pki/libvirt/private/serverkey.pem
>
> PID file (unless overridden by -p):
> /var/run/libvirtd.pid
>
>
> I think that caert.pem should be cacert.pem =)
Yes indeed. You don't mention what version of libvirt you have here ?
It appears that we fixed this typo in the 1.1.3 release though:
commit 521b78d0afb9aff3c9f8d593e63c3d94b8f28f5d
Author: Christophe Fergeau <cfergeau at redhat.com>
Date: Wed Sep 18 14:01:26 2013 +0200
daemon: Fix 'caert.pem' typo in privileged help output
The help message indicates that the CA certificate is
$sysconfdir/pki/CA/caert.pem while the actual path is
$sysconfdir/pki/CA/cacert.pem
Signed-off-by: Christophe Fergeau <cfergeau at redhat.com>
Signed-off-by: Eric Blake <eblake at redhat.com>
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list