search for: remote_certif

Hello! Does libvirt uses certificate pinning in tls? I want to setup a transparent proxy (mitmproxy) and can't do this even after I added mitmproxy ca certificate to the trusted certificates in ubuntu.

...stores, because public > > CAs are not relevant to libvirt deployments - indeed trusting the global > > cert store in the OS would lower security by opening it upto arbitrary > > CAs. See this doc for where libvirt finds CA certs > > > > https://libvirt.org/remote.html#Remote_certificates > > > > > > Regards, > > Daniel > > -- > > |: https://berrange.com -o- > > https://www.flickr.com/photos/dberrange :| > > |: https://libvirt.org -o- > > https://fstop138.berrange.com :| > > |: https://entangle-photo.org...

I tried to set cn=myMachine instead of cn=192.168.1.x and...everything frezees! virsh -c qemu://.../system tries to connect forever. You really need static ip addresses in the cn field?? I think this is an HUGE bug: you are saying to me that each time I change network or ip (because, dear sirs, dhcp exists) I have to generate a whole new couple of certificates?? I hope it is not the case....

Hi all, I am facing an error while connecting libvirt remotely using tls.. I have created CA, client and server certificates with RSA 1024 bit using Openssl. I am using debian linux flavor in both client and server. *Original Error:* (When trying to connect remote libvirt) virsh -c xen+tls://destinationipaddr/system error: failed to connect to the hypervisor error: authentication failed: TLS

Having newly compiled a Libvirt on a Windows Vista machine (many thanks to Matthias Bolte) I have attempted to connect to a remote Ubuntu machine using virsh.exe. However, the connection fails as follows: $ virsh -c qemu+tcp:///system error: unable to connect to libvirtd at 'localhost': errno=10061 error: failed to connect to the hypervisor 1. I have modified

Hey guys, I have a private network and I trust it! /me hides behind trees... So, in order to exercise my trust, I wanna migrate guests over TCP; with and without shared storage. This is: - I want to migrate from host1 to host2; which have shared storage; over TCP without certs - I want to migrate from host1 to host99, which don't have shared storage, over TCP without certs I am asking

...t; > CAs are not relevant to libvirt deployments - indeed trusting the > global > > > cert store in the OS would lower security by opening it upto arbitrary > > > CAs. See this doc for where libvirt finds CA certs > > > > > > https://libvirt.org/remote.html#Remote_certificates > > > > > > > > > Regards, > > > Daniel > > > -- > > > |: https://berrange.com -o- > > > https://www.flickr.com/photos/dberrange :| > > > |: https://libvirt.org -o- > > > https://fstop138.berrange.co...