On Mon, Dec 10, 2018 at 01:22:32PM +0300, Anastasiya Ruzhanskaya wrote:
And how libvirt checks that it trusts the CA? Just simply inspects the cacert.pem file? Or it has some information inside about by which CA were signed client and server certificates and then compares against stored values? I mean can I just concatenate after signing or I need to combine two CAs before generating libvirt's client and server certificates?
Libvirt will check that the server's certificate is signed by any one of the CAs listed. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|