Re: [libvirt-users] Using certtool to generate certificates for ESXi
On Tue, Oct 29, 2013 at 06:48:46PM -0700, Shiva Bhanujan wrote:
Hello,
I'm using certtool to generate the server certificates for ESXi -
http://libvirt.org/remote.html#Remote_TLS_CA. I just copy the server
certificate and key as /etc/vmware/ssl/rui.crt and /etc/vmware/ssl/rui.key.
And then use virsh to connect from a CentOS 6.4 VM running on it - "virsh
-c esx://<esx IP>. I get the following error -
error: internal error curl_easy_perform() returned an error: Peer
certificate cannot be authenticated with known CA certificates (60) : Peer
certificate cannot be authenticated with known CA certificates
error: failed to connect to the hypervisor
is there something basic that I'm missing?
I'm not sure what you're missing, but the error message means that the
VMWare server certificate was not signed by any CA certificate that
the libvirt client has access to. So it is a client side CA cert config
problem most likely.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|