Re: [libvirt] [PATCH 0/4] Fix handling of CA certificate chains
On 08/06/2013 05:35 AM, Daniel P. Berrange wrote:
This series fixes the CA certificate validation so that it
correctly works when a client and server cert are both signed
by intermediate CAs, sharing a common ancestor CA.
After the application of this series, I'm starting to see sporadic test
failures; when I run 'make -j3 check' the test sometimes fails like
this; but when I then do 'cd tests; ./virnettlssessiontest', it passes.
I suspect you have a race where parallel tests are now trying to access
the same file, and whoever loses the test fails; whereas a serial run
passes every time.
11) TLS Session servercertreq.filename + clientcertreq.filename ... OK
12) TLS Session servercertreq.filename + clientcertreq.filename
... libvirt: XML-RPC error : authentication failed: Failed to verify
peer's certificate
OK
13) TLS Session servercertreq.filename + clientcertreq.filename ... OK
14) TLS Session servercertreq.filename + clientcertreq.filename
... libvirt: XML-RPC error : authentication failed: Failed to verify
peer's certificate
FAILED
15) TLS Session servercertlevel3areq.filename +
clientcertlevel2breq.filename ... libvirt: XML-RPC error : Cannot read
private key '/home/eblake/libvirt/tests/virnettlscontexttest-key.pem':
No such file or directory
FAILED
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 621 bytes)