[libvirt-users] client certificate path hard coded?
Hi all, I'm trying to figure out how to get my desktop talking to two libvirt hosts using qemu+tls and I've read that virsh relies on hard coded paths to the certificates.. which seems to be true. Is there a way to tell virsh to use a different path to a certificate, or another way people solve this presently? Cheers, Ant
2011/3/11 Anthony Goddard <agoddard@mbl.edu>:
Hi all, I'm trying to figure out how to get my desktop talking to two libvirt hosts using qemu+tls and I've read that virsh relies on hard coded paths to the certificates.. which seems to be true. Is there a way to tell virsh to use a different path to a certificate, or another way people solve this presently? Cheers, Ant
Recent libvirt 0.8.8 added a new query parameter pkipath. This allows you to specify a directory containing cacert.pem, clientkey.pem and clientcert.pem to be used for that connection. virsh -c qemu+tls://example.com/system/?pkipath=/local/path/to/certificates See http://libvirt.org/remote.html Matthias
Perfect, thanks Matthias, I'd tried those params but didn't realize they were only in 0.8.8 & I was on 0.8.7.. I've just updated to 0.8.8 and it's working perfectly. On Mar 11, 2011, at 4:05 PM, Matthias Bolte wrote:
2011/3/11 Anthony Goddard <agoddard@mbl.edu>:
Hi all, I'm trying to figure out how to get my desktop talking to two libvirt hosts using qemu+tls and I've read that virsh relies on hard coded paths to the certificates.. which seems to be true. Is there a way to tell virsh to use a different path to a certificate, or another way people solve this presently? Cheers, Ant
Recent libvirt 0.8.8 added a new query parameter pkipath. This allows you to specify a directory containing cacert.pem, clientkey.pem and clientcert.pem to be used for that connection.
virsh -c qemu+tls://example.com/system/?pkipath=/local/path/to/certificates
See http://libvirt.org/remote.html
Matthias
participants (2)
-
Anthony Goddard -
Matthias Bolte