[libvirt] [PATCH] docs: Add docs for new extra parameter pkipath

* docs/remote.html.in --- docs/remote.html.in | 30 ++++++++++++++++++++++++++++++ 1 files changed, 30 insertions(+), 0 deletions(-) diff --git a/docs/remote.html.in b/docs/remote.html.in index b0fdb7c..a68d0fa 100644 --- a/docs/remote.html.in +++ b/docs/remote.html.in @@ -308,6 +308,22 @@ Note that parameter values must be <td colspan="2"/> <td> Example: <code>no_tty=1</code> </td> </tr> + <tr> + <td> + <code>pkipath</code> + </td> + <td> tls</td> + <td> + Specifies x509 certificates path for client. As long as one of the + certificates (CA cerfificate, client key, client certificate) doesn't + exist in the specified path, the connection will fail with fatal + error. +</td> + </tr> + <tr> + <td colspan="2"/> + <td> Example: <code>pkipath=/tmp/pki/client</code> </td> + </tr> </table> <h3> <a name="Remote_certificates">Generating TLS certificates</a> @@ -372,6 +388,20 @@ next section. </td> </tr> </table> + <p> +If 'pkipath' is specified in URI, then all the client certificates should +be able to found in the path specified, otherwise, connection will fail +with fatal error. And if 'pkipath' is not specified: +</p> + <ul> + <li> For user who is non-root, libvirt trys to find the certificates +in $HOME/.pki/libvirt, if one of the required certificates can not be found, +global default locations(/etc/pki/CA/cacert.pem, +/etc/pki/libvirt/private/clientkey, /etc/pki/libvirt/clientcert.pem) will be +used. +</li> + <li> For user who is root, global default location will be used. </li> + </ul> <h4> <a name="Remote_TLS_background">Background to TLS certificates</a> </h4> -- 1.7.3.2