Hi,
I'm trying this setup where an stunnel4 (listening for clients on port
16514) connects to an unencrypted libvirt backend (on port 16509). When I
point the virsh client to stunnel4 it hangs.
Looking via tshark:
1. virsh completes ssl handshake with stunnel4
2. stunnel4 completes tcp handshake with libvirt.
and that's all.
When connecting virsh client directly to libvirt (this time encrypted)
tshark shows:
1. virsh completes ssl handshake with libvirt (change cipher spec at the
end)
2. libvirt sends something (I can't decode what libvirt sends, since DH key
exchange is used.)
Anyway my question really is, can libvirt be run as an unencrypted backend
behind an ssl offloader such as stunnel4? If people do use it like that,
then I can look for any setup issues in mine.
My package versions:
libvirt: 1.2.2-0ubuntu13.1
stunnel4: 3:4.53-1.1ubuntu1
Thanks
~parthi