[virt-tools-list] TLS authentification
Daniel Berteaud
daniel at firewall-services.com
Thu Oct 1 12:11:15 UTC 2009
Le jeudi 01 octobre 2009 à 14:03 +0200, Daniel Huhardeaux a écrit :
> Hello,
>
> I installed libvirt on two servers and use my laptop as client. On both
> servers I could without any problem modify the TLS x509 certificate
> configuration in /etc/libvirt/libvitrd.conf to fit my needs (changing
> directories and files name).
>
> On the client, it's another story. All certificats need to be located in
> /etc/pki/[CA|libvirt] directories. Ok, can be. But other problem is with
> the file names which are cacert.pem clientcert.pem and clientkey.pem
>
> How to get them renamed as I have 2 servers to connect on :-( ? At this
> time I use same certs for both of them but that's not a solution.
I had the same problem, so for now, I've switched to SSH instead of TLS
(as I can manage different keys for different servers and automatically
choose the good one in .ssh/config). But it'd be great to be able to
specify CA, cert and key files on a per connection basis when adding a
new connection using TLS. We should also be able to specify certs files
for VNC connections (also on a per connection basis)
Regards.
>
> Thanks for any hint
>
--
Daniel Berteaud
FIREWALL-SERVICES SARL.
Société de Services en Logiciels Libres
Technopôle Montesquieu
33650 MARTILLAC
Tel : 05 56 64 15 32
Fax : 05 56 64 15 32
Mail: daniel at firewall-services.com
Web : http://www.firewall-services.com
More information about the virt-tools-list
mailing list