On the server end if you try to start the server with TLS enabled and you
don't have the certs setup, you get a cryptic:
gnutls_certificate_set_x509_trust_file: Error while reading file.
Rather useless the gnutls error message not telling you what file was
missing.
Similarly with virsh:
# ~/usr/bin/virsh --connect qemu://localhost/system list
libvir: Remote error : Error while reading file.
Since GNU TLS doesn't even tell you the actual problem - was it wrong
permissions, or missing file altogether, I decided its better to do an
explicit 'stat' check ahead of time.
So now it gives:
$ ~/usr/bin/virsh --connect
qemu://celery.virt.boston.redhat.com/system start demo
libvir: Remote error : Cannot access CA certificate
'/home/berrange/usr/etc/pki/CA/cacert.pem': No such file or directory (2)
Or
$ ~/usr/bin/virsh --connect
qemu://celery.virt.boston.redhat.com/system start demo
libvir: Remote error : Cannot access CA certificate
'/home/berrange/usr/etc/pki/CA/cacert.pem': Permission denied (13)
Or in the daemon
# /usr/sbin/libvirtd --listen
Cannot access CA certificate '/home/berrange/usr/etc/pki/CA/cacert.pem': No such
file or directory (2)
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules:
http://search.cpan.org/~danberr/ -=|
|=- Projects:
http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|