I also wanted to know,
where the information about current session is sent?
In which structures ( I actually didn't find this in code)?
Is it appended to every sent procedure or not? Or maybe libvirt checks in
some other way ?
Thank you.
2017-12-10 20:57 GMT+01:00 Anastasiya Ruzhanskaya <
anastasiya.ruzhanskaya@frtk.ru>:
> Hello,
> I am currently trying to install certificates for tls. By this time I have
> got some questions:
> 1) Is documentation in the web docs up-to-date regarding tls server,
> client, ca certificates? (actually I have some problems, but maybe this is
> due to smth has changed in certtools and was not updated in docs, perhaps
> some more fields are needed now).
> 2) there is a error in virt-pki-validate :
> when determining whether host name matches CN name you assume, that CN is
> standing in the end. So I get an error:
>
> The server certificate does not seem to match the host name
> hostname: "barni"
> Server certificate CN: "barni,O=libvirt.org"
>
> CN field is standing at the beginning of line.
>
> Seems that these are the appropriate lines in code:
>
> 258 S_HOST=`"$CERTOOL" -i --infile
"$LIBVIRT/servercert.pem" | grep
> Subject: | sed 's+.*CN=\([a-zA-Z\. _-]*\)+\1+'`
> 259 if test "$S_HOST" != "`hostname -s`" &&
test "$S_HOST" != "`hostname`"
>