[libvirt] [PATCH v2] libvirtd: clarify the TLS conf default vaule setting
John Ferlan
jferlan at redhat.com
Fri Jan 19 22:20:10 UTC 2018
s/vaule/value
On 01/12/2018 05:33 AM, Chen Hanxiao wrote:
> From: Chen Hanxiao <chenhanxiao at gmail.com>
>
> As the description of daemon/libvirtd.conf, setting
> key_file, cert_file or key_file will override the default value.
> But if we set any one of them, we need to set all the rest of them.
>
> This patch clarify that description.
More simply stated:
Provide more details related to the requirement that setting one
of the values requires setting all of them.
>
> Signed-off-by: Chen Hanxiao <chenhanxiao at gmail.com>
> ---
> v2:
> fix a typo
>
> daemon/libvirtd.conf | 3 +++
> 1 file changed, 3 insertions(+)
> > diff --git a/daemon/libvirtd.conf b/daemon/libvirtd.conf
> index 8e0c0d96d..7040ff26b 100644
> --- a/daemon/libvirtd.conf
> +++ b/daemon/libvirtd.conf
> @@ -183,6 +183,9 @@
> #
>
>
> +# NB, if the default value of 'key_file', 'cert_file' or
> +# 'ca_file' would be changed,
> +# all of them should be changed together.
How about this instead:
# Use of TLS requires that x509 certificates be issued. The default locations
# for the certificate files is as follows:
#
# /etc/pki/CA/cacert.pem - The CA master certificate
# /etc/pki/libvirt/servercert.pem - The server certificate signed with
# the cacert.pem
# /etc/pki/libvirt/private/serverkey.pem - The server private key
#
# It is possible to override the default locations by altering the 'key_file',
# 'cert_file', and 'ca_file' values and uncommenting them below.
#
# NB, overriding the default of one location requires uncommenting and
# possibly additionally overriding the other settings.
#
> # Override the default server key file path
> #
> #key_file = "/etc/pki/libvirt/private/serverkey.pem"
>
More information about the libvir-list
mailing list