On Mon, Jan 10, 2011 at 03:51:42PM +0100, Matthias Bolte wrote:
2011/1/8 Justin Clift <jclift@redhat.com>:
Hi guys,
Created the windows libvirt 0.8.7 installer using Matthias's updated scripting:
http://libvirt.org/sources/win32_experimental/Libvirt-0.8.7-0.exe
Does someone have time to test and confirm it's ok, before we point to it from the website?
Arnaud, this version of the installer adds the virsh bin directory to the system PATH variable. So I'm thinking don't need to copy the libvirt dll's around, when using your C# bindings.
If you've have time to test that, it would be great. Could then update the web page with that info. :)
Regards and best wishes,
Justin Clift
The readme suggests (at least to me) that the TLS certs for libvirt's TLS transport and the ESX driver using HTTPS are the same:
"TLS certificates are needed prior to connecting to either QEMU instances with TLS, or connecting to VMware ESX/vSphere."
Yes, the ESX driver (actually libcurl) needs to know the cacert.pem for the key that signed the HTTPS certificate in order to verify the server's certificate. That's what you can disable using the no_verify=1 query parameter. But HTTPS doesn't do mutual verification as libvirt's TLS transport does. There is no clientcert/key.pem involved in HTTPS.
Actually HTTPS as a generic protcool *can* do mutual authentication requiring a client certificate - the Fedora build system uses this capability. Whether libcurl implements support for this, and whether VMWare ESX server requests it, are the actual questions to ask :-) Daniel