Dell Customer Communication

Hi Daniel,

 

Thanks for pointing it out. After using hostname it is working fine.

Now I am trying to create a certificate using ip-address and will try to connect using ip-address and will update the result.

 

Thanks & Regards,

Dhaval Shah

-----Original Message-----
From: Daniel P. Berrange [mailto:berrange@redhat.com]
Sent: Monday, July 20, 2015 6:24 PM
To: Shah1, Dhaval
Cc: libvirt-users@redhat.com
Subject: Re: [libvirt-users] [Libvirt ] qemu+tls failed to verify peer's certificate

On Mon, Jul 20, 2015 at 05:39:17PM +0530, Dhaval_Shah1@dell.com wrote:
> Dell Customer Communication
>
> Hi everyone,
>
> I am trying to do a virsh using TLS Certificate. I am getting an error that "error: authentication failed: Failed to verify peer's certificate"
> I am following the steps mentioned in the
> http://wiki.libvirt.org/page/TLSSetup
> I have generated CA Certificate, client certificate and server certificate and placed them as mentioned in above site.
> After that when I am trying to do a virsh it is failing. Please let me know if anyone has encountered this kind of issue.
>
> virsh -c qemu+tls://172.14.5.6/system list
> error: failed to connect to hypervisor
> error: authentication failed: Failed to verify peer's certificate

Did you use the IP address when creating the certificate, or the domain name ? You are using the IP address in the URI here, so that must match what you used in the certificate. I'm guessing you used a hostname in the cert based on that error.

Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|