On Fri, Feb 28, 2014 at 07:48:35PM +0100, Pasquale Dir wrote:
I tried to set cn=myMachine instead of cn=192.168.1.x
and...everything frezees!
virsh -c qemu://.../system
tries to connect forever.
You really need static ip addresses in the cn field??
I think this is an HUGE bug: you are saying to me that each time I change
network or ip (because, dear sirs, dhcp exists) I have to generate a whole
new couple of certificates??
I hope it is not the case....
Not sure why you're thinking libvirt only allows IP address - AFAIK
our docs don't say that, and indeed illustrate certifcate setup using
hostnames.
http://libvirt.org/remote.html#Remote_certificates
The only requirement is that whatever string is in the 'server name'
part of the URI, is also present in the certificate in either the
CommonName or subjectaltname fields. When creating the certificate
you're free to use IP addresses or dns names, or a mixture of both
with subjectaltname
Regards,
Daniel
--
|:
http://berrange.com -o-
http://www.flickr.com/photos/dberrange/ :|
|:
http://libvirt.org -o-
http://virt-manager.org :|
|:
http://autobuild.org -o-
http://search.cpan.org/~danberr/ :|
|:
http://entangle-photo.org -o-
http://live.gnome.org/gtk-vnc :|