On Thu, Feb 28, 2013 at 11:44:02AM +0000, Richard W.M. Jones wrote:

Still investigating, but the log is attached.

Rich.

-- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming blog: http://rwmj.wordpress.com Fedora now supports 80 OCaml packages (the OPEN alternative to F#)

========================================= libvirt 1.0.2: tests/test-suite.log =========================================

# TOTAL: 83 # PASS: 80 # SKIP: 2 # XFAIL: 0 # FAIL: 1 # XPASS: 0 # ERROR: 0

.. contents:: :depth: 2

FAIL: virnettlscontexttest ==========================

TEST: virnettlscontexttest 1) TLS Context ... OK 2) TLS Context ... OK 3) TLS Context ... OK 4) TLS Context ... OK 5) TLS Context ... OK 6) TLS Context ... libvir: XML-RPC error : Our own certificate servercert.pem failed validation against cacert5.pem: The certificate is not trusted. FAILED

In that test case we're creating a CA cert which has the key-usage policy set to "digital signature" instead of "key signing". However we also set the flag "non-critical" so a failing key usage policy check should still result in a pass from cert validation. Sounds like gnutls3 isn't liking this. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|