Dear All, Please find few minutes from your time and guide us with some pointers if possible. We are facing a libvirtd crash when we are trying to connect to qemu by default TLS transport. i.e libvirt crash when trying to inquiry libvirt version using curl with TLS # virsh -c qemu+tls://localhost/system version error: authentication failed: TLS handshake failed A TLS packet with unexpected length was received. error: failed to connect to the hypervisor We used our own CA and certificates on both Kontron PC and our board. Libvirtd.conf was modified so that libvirt is listening all IPs using default IP These directories and files created and used. /etc/pki/CA/cacert.pem /etc/pki/libvirt/private/serverkey.pem /etc/pki/libvirt/servercert.pem /etc/pki/libvirt/private/clientkey.pem /etc/pki/libvirt/clientcert.pem TLS connection worked fine with Kontron PC # virsh -c qemu+tls://localhost/system version Compiled against library: libvir 0.9.5 Using library: libvir 0.9.5 Using API: QEMU 0.9.5 Running hypervisor: QEMU 0.12.1 But libvirt crashed on our board (using libvirt 0.10.2, gnutls-2.10.5-1_WR4.3.x86_64 and libudev-161-4 rpms, libgcrypt-1.4.0-3_WR4.3.x86_64 ) # virsh -c qemu+tls://localhost/system version error: authentication failed: TLS handshake failed A TLS packet with unexpected length was received. error: failed to connect to the hypervisor GDB: Breakpoint 3, 0x00007f555bb07410 in gnutls_handshake () from /usr/lib64/libgnutls.so.26 (gdb) c Continuing. Program received signal SIGABRT, Aborted. 0x00007f555a096005 in raise () from /lib64/libc.so.6 (gdb) bt #0 0x00007f555a096005 in raise () from /lib64/libc.so.6 #1 0x00007f555a098e40 in abort () from /lib64/libc.so.6 #2 0x00007f555b87fdc5 in _gcry_logv (level=50, fmt=0x7f555b8c6170 "*operation is not possible without initialized secure memory\n*", arg_ptr=0x7fff546e1130) at misc.c:136 #3 0x00007f555b8803d5 in _gcry_log_bug (fmt=0x48e0 <Address 0x48e0 out of bounds>) at misc.c:220 #4 0x00007f555b885697 in _gcry_secmem_malloc_internal (size=<value optimized out>) at secmem.c:497 #5 0x00007f555b88579c in _gcry_secmem_malloc (size=136) at secmem.c:522 #6 0x00007f555b880a65 in do_malloc (n=18656, flags=<value optimized out>, mem=0x7fff546e1290) at global.c:553 #7 0x00007f555b880aa9 in _gcry_malloc_secure (n=18656) at global.c:592 #8 0x00007f555b880b19 in _gcry_xmalloc_secure (n=136) at global.c:746 #9 0x00007f555b8c35df in _gcry_mpi_alloc_limb_space (nlimbs=17, secure=18656) at mpiutil.c:92 #10 0x00007f555b8c365f in _gcry_mpi_alloc_secure (nlimbs=17) at mpiutil.c:75 #11 0x00007f555b8b025a in secret (output=0x17cfa20, input=0x17d0480, skey=0x6) at rsa.c:365 #12 0x00007f555b8b045a in _gcry_rsa_sign (algo=<value optimized out>, resarr=0x17d0660, data=0x17d0480, skey=<value optimized out>) at rsa.c:608 #13 0x00007f555b88c1ef in pubkey_sign (r_sig=0x7fff546e1488, s_hash=<value optimized out>, s_skey=<value optimized out>) at pubkey.c:692 #14 _gcry_pk_sign (r_sig=0x7fff546e1488, s_hash=<value optimized out>, s_skey=<value optimized out>) at pubkey.c:1807 ---Type <return> to continue, or q <return> to quit--- #15 0x00007f555bb29d8c in ?? () from /usr/lib64/libgnutls.so.26 #16 0x00007f555bb15e7a in ?? () from /usr/lib64/libgnutls.so.26 #17 0x00007f555bb1ddd6 in ?? () from /usr/lib64/libgnutls.so.26 #18 0x00007f555bb1e67f in ?? () from /usr/lib64/libgnutls.so.26 #19 0x00007f555bb1edaf in ?? () from /usr/lib64/libgnutls.so.26 #20 0x00007f555bb0af85 in ?? () from /usr/lib64/libgnutls.so.26 #21 0x00007f555bb06c55 in ?? () from /usr/lib64/libgnutls.so.26 #22 0x00007f555bb07437 in gnutls_handshake () from /usr/lib64/libgnutls.so.26 #23 0x00007f555c8a961b in virNetTLSSessionHandshake () from /usr/lib64/libvirt.so.0 #24 0x00007f555c89ea2b in virNetServerClientInit () from /usr/lib64/libvirt.so.0 #25 0x00007f555c89c821 in ?? () from /usr/lib64/libvirt.so.0 #26 0x00007f555c8a012a in ?? () from /usr/lib64/libvirt.so.0 #27 0x00007f555c79fbf5 in virEventPollRunOnce () from /usr/lib64/libvirt.so.0 #28 0x00007f555c79e825 in virEventRunDefaultImpl () from /usr/lib64/libvirt.so.0 #29 0x00007f555c89c20d in virNetServerRun () from /usr/lib64/libvirt.so.0 #30 0x000000000040c830 in ?? () It seems that virsh does not make proper use of libgcrypt or gnutls. In fact, Libgcrypt informs us what actually is going wrong. Please let us know if it is a known issue. Please go through the below link for more details: http://lists.gnupg.org/pipermail/gcrypt-devel/2008-December/001420.html Thanking you in anticipation. Thanks and Regards, Anusha K.