Hi,
I'm trying this setup where an stunnel4 (listening for clients on port 16514) connects to an unencrypted libvirt backend (on port 16509). When I point the virsh client to stunnel4 it hangs.
Looking via tshark:
1. virsh completes SSL handshake with stunnel4.
2. stunnel4 completes TCP handshake with libvirt.
and that's all.
When connecting virsh client directly to libvirt (this time encrypted) tshark shows:
1. virsh completes SSL handshake with libvirt (change cipher spec at the end)
2. libvirt sends something (I can't decode what libvirt sends, since DH key exchange is used.)
Anyway, my question really is: can libvirt be run as an unencrypted backend behind an SSL offloader such as stunnel4? If people do use it like that, then I can look for any setup issues in mine.
My package versions:
libvirt: 1.2.2-0ubuntu13.1
stunnel4: 3:4.53-1.1ubuntu1
Thanks
~parthi