search for: mitmproxi

Hello! Does libvirt uses certificate pinning in tls? I want to setup a transparent proxy (mitmproxy) and can't do this even after I added mitmproxy ca certificate to the trusted certificates in ubuntu.

And how libvirt checks that it trusts the CA? Just simply inspects the cacert.pem file? Or it has some information inside about by which CA were signed client and server certificates and then compares against stored values? I mean can I just concatenate after signing or I need to combine two CAs before generating libvirt's client and server certificates? пн, 10 дек. 2018 г. в 13:11, Daniel P.

Re-adding the libvirt-users list - please don't take discussions off-list. On Mon, Dec 10, 2018 at 01:10:18PM +0300, Anastasiya Ruzhanskaya wrote: > I already found out how to set up all the certificates and tls works fine > for me. > What if I want to put a proxy between client and server in libvirt? He has > his own CA, and this is only one more CA I would like libvirt to trust

Ok, thank you. I will play around with it. I also noticed, that libvirt does not use this SNI extension. Actually,this not needed here, as we have only one location for server certificate, but this requires some modifications in mitmproxy, as for example tls in web browsers always include this SNI extensions. Are there maybe other big differences in tls implementation in libvirt or maybe some

Hello! I was investigating libvirt a year ago regarding it's remote control. I figured out necessary settings for configuring remote control in ubuntu (setting flags in libvirt setting files). Now I have several questions: 1) Are these flags the same for Centos? They did not worked for me. My flags for ubuntu are (for tcp for example): /etc/libvirt/libvirtd.conf : listen_tls = 0, listen_tcp