On Thu, Mar 23, 2017 at 19:02:04 -0400, John Ferlan wrote:
Add a new TLS X.509 certificate type - "migrate". This will handle the creation of a TLS certificate capability (and possibly repository) to be used for migrations. Similar to chardev's, credentials will be handled via a libvirt secrets; however, unlike chardev's enablement and usage will be via a CLI flag instead of a conf flag and a domain XML attribute.
The migrations using the *x509_verify flag require the client-cert.pem and client-key.pem files to be present in the TLS directory - so let's also be sure to note that in the qemu.conf file.
Signed-off-by: John Ferlan <jferlan@redhat.com> --- src/qemu/libvirtd_qemu.aug | 5 +++++ src/qemu/qemu.conf | 44 +++++++++++++++++++++++++++++++++++++- src/qemu/qemu_conf.c | 6 ++++++ src/qemu/qemu_conf.h | 4 ++++ src/qemu/test_libvirtd_qemu.aug.in | 3 +++ 5 files changed, 61 insertions(+), 1 deletion(-)
ACK Jirka