Charles Urquiola
2018-Sep-26 16:06 UTC
[libvirt-users] Libvirt TLS with Short Lived Certificates
I want to use short lived certificates with libvirtd to provided TLS access to the daemon. New certificates are generated on a daily basis and delivered to the host. Does libvirtd re-read TLS certificates with a reload of the service, systemctl reload libvirtd, or with a SIGHUP or is a full restart of the daemon required? --charlie
Martin Kletzander
2018-Oct-01 12:27 UTC
[libvirt-users] Libvirt TLS with Short Lived Certificates
On Wed, Sep 26, 2018 at 09:06:07AM -0700, Charles Urquiola wrote:>I want to use short lived certificates with libvirtd to provided TLS access >to the daemon. New certificates are generated on a daily basis and >delivered to the host. Does libvirtd re-read TLS certificates with a >reload of the service, systemctl reload libvirtd, or with a SIGHUP or is a >full restart of the daemon required? >If I'm reading the code correctly it needs a full restart. That's something that could be changed so that it is done on reload as well. Care to submit a proposal? O:-)>--charlie>_______________________________________________ >libvirt-users mailing list >libvirt-users at redhat.com >https://www.redhat.com/mailman/listinfo/libvirt-users-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: Digital signature URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20181001/394ce7fe/attachment.sig>
Reasonably Related Threads
- Feature request: a good way to supply short-lived certificates to openssh
- Feature request: a good way to supply short-lived certificates to openssh
- Feature request: a good way to supply short-lived certificates to openssh
- Feature request: a good way to supply short-lived certificates to openssh
- Too many active clients?