Displaying 20 results from an estimated 30000 matches similar to: "Placing tls client certificates"
2014 Jun 23
1
qemu+tls question
I`m generate TLS-certificates for my libvirtd and remote,
useing http://wiki.libvirt.org/page/TLSSetup .
>From console connect to remote host is success,
but from virt-manager -- no:
Unable to connect to libvirt.
Unable to read TLS confirmation: Input/output error
Verify that the 'libvirtd' daemon is running
on the remote host.
Libvirt URI is: qemu+tls://<remote_host>/system
2013 Apr 05
1
Libvirtd dead, pid still exists. ( Problem might be with TLS interface of libvirtd )
Dear All,
Please find few minutes from your time and guide us with some pointers if
possible.
We are facing a libvirtd crash when we are trying to connect to qemu by
default TLS transport.
# virsh -c qemu+tls://localhost/system version
error: authentication failed: TLS handshake failed A TLS packet with
unexpected length was received.
error: failed to connect to the hypervisor
I used my own CA
2011 Mar 10
2
unable to connect to libvirtd at '*': No route to host
Hi @all,
I have the following systems:
AMD Processor
Scientific Linux 6.0
Kernelversion: 2.6.32-71.18.2.el6.x86_64
KVM / Libvirt out of the repository
I've setup my TLS-Certificates with the following howto
/http://wiki.libvirt.org/page/TLSSetup/
Now I want to connect the servers with
/virsh -c qemu+tls://nebula3/system/(nebula3 is the hostname)
but the following error message always
2014 Apr 22
0
Re: TLS and intermediate CA
On Mon, Apr 21, 2014 at 04:51:00PM -0600, Nathaniel Cook wrote:
> I have been trying to get set of libvirtd system up and running. My PKI
> infrastructure involves a root CA and several intermediate CAs. I am trying
> to get the machines to trust each other across the different intermediate
> CAs.
>
> This is what I have so far:
>
> Libvirtd is starting and listening on
2018 Sep 26
1
Libvirt TLS with Short Lived Certificates
I want to use short lived certificates with libvirtd to provided TLS access
to the daemon. New certificates are generated on a daily basis and
delivered to the host. Does libvirtd re-read TLS certificates with a
reload of the service, systemctl reload libvirtd, or with a SIGHUP or is a
full restart of the daemon required?
--charlie
2014 Apr 21
2
TLS and intermediate CA
I have been trying to get set of libvirtd system up and running. My PKI
infrastructure involves a root CA and several intermediate CAs. I am trying
to get the machines to trust each other across the different intermediate
CAs.
This is what I have so far:
Libvirtd is starting and listening on tls port 16514 I have configured
client/server certs/keys and it seems to be using all of these
2013 Oct 31
0
Re: Using certtool to generate certificates for ESXi
2013/10/30 Shiva Bhanujan <sxb075@gmail.com>:
> Hi Daniel,
>
> thanks for the reply - The procedure I use is the same as I use for
> XenServer, and the certificate exchange works just fine. The only thing I'm
> a bit unclear on, is the location of the CA cert, which in the case of
> XenServer, I simply put it in /etc/pki/CA. And when I start the libvirtd
> daemon,
2013 Oct 30
2
Re: Using certtool to generate certificates for ESXi
Hi Daniel,
thanks for the reply - The procedure I use is the same as I use for
XenServer, and the certificate exchange works just fine. The only thing
I'm a bit unclear on, is the location of the CA cert, which in the case of
XenServer, I simply put it in /etc/pki/CA. And when I start the libvirtd
daemon, it successfully picks it up. If I put the Server key and cert in
/etc/vmware/ssl for
2008 Jul 01
0
self Certificate Authority, using /etc/pki/tls/misc/CA
Hello all,
lately i am facing problems with Certification Authorities.
I have used centos script /etc/pki/tls/misc/CA my own certificate authority.
In next steps i am generating requests for certificates to services such as
LDAP,NNRPD and lately signing requests with CA. My approach is to import my
own CA into Windows Vista OS as root CA and trusted, to avoid messages in
clients such as
2015 Jul 20
2
[Libvirt ] qemu+tls failed to verify peer's certificate
Dell Customer Communication
Hi everyone,
I am trying to do a virsh using TLS Certificate. I am getting an error that "error: authentication failed: Failed to verify peer's certificate"
I am following the steps mentioned in the http://wiki.libvirt.org/page/TLSSetup
I have generated CA Certificate, client certificate and server certificate and placed them as mentioned in above site.
2015 Jul 20
0
Re: [Libvirt ] qemu+tls failed to verify peer's certificate
On Mon, Jul 20, 2015 at 05:39:17PM +0530, Dhaval_Shah1@dell.com wrote:
> Dell Customer Communication
>
> Hi everyone,
>
> I am trying to do a virsh using TLS Certificate. I am getting an error that "error: authentication failed: Failed to verify peer's certificate"
> I am following the steps mentioned in the http://wiki.libvirt.org/page/TLSSetup
> I have
2011 Apr 08
1
Python API - setting client certificate path
Hi there,
I'm trying to establish a TLS connection to libvirtd with certificates
verification from a python script. My question is quite simple:
is it possible to set the client certificate/keyfile path from within a
python script? or it has to be in /etc/pki/libvirt/...
Thanks in advance for any help
Wojciech Gumularz
2008 Apr 10
1
generating tls certificates for radius under centos
Hi all,
i need to generate certificate files for radius tls. I am using CentOS 5.1
and scripts in /etc/pki/tls/misc for generated own CA key, and for own keys
signed with my CA.
For Radius i need a server certificate with xpextensions support. How can i
generate server certificate with xpextensions which will be signed with my
own CA on CentOS5.1?
Thanks in advance!
David
-------------- next
2014 Apr 22
2
Re: TLS and intermediate CA
Thanks for the response.
My current chain is as follows:
caroot -> child-ca1 -> server cert
My cacert.pem file has both the caroot and the child-ca1 certs. I have
recompiled libvirt on my machine with some extra debug statements and
verified that both the caroot cert and the child-ca1 certs are being
loaded. But when I try to connect the caroot and child-ca1 certs only
appear under the
2013 Nov 13
1
Migration function is not supported by the connection driver: virDomainMigrate2
Greetings;
I'm running Fedora 19, Xen 4.2.3, libvirt 1.0.5.6. I have two identical
servers x1 & x2. I've read http://libvirt.org/migration.html & I've
created certificates for tls according to
http://wiki.libvirt.org/page/TLSSetup
I can do this on both servers, and from a third admin server:
# virsh -c xen+tls://x1.localdomain hostname
x1.localdomain
and...
# virsh -c
2013 Jan 15
1
Adding CA/Root SSL / TLS Certificate, HTTPS
Hi,
I need to add my own and other/new self-signed ca/root cert in CentOS
pki database/system, for all/most type of apps to use.
Using "wget", i'm trying to securely(HTTPS) get gpg keys/files from
https://fedoraproject.org/keys site, which is using root cert with
following info:
CN = GeoTrust Global CA
O = GeoTrust Inc.
C= US
MD5 f7:75:ab:29:fb:51:4e:b7:77:5e:ff:05:3c:99:8e:f5
I
2014 Feb 17
0
Re: [libvirt] libvirtd ssl configuration
On Mon, Feb 17, 2014 at 12:55:25AM +0400, Гусев Павел wrote:
> Hi!
> I found little semantics bug:
>
> [13:53:40] root@dedicated-04:~ # LC_ALL=C libvirtd -h
> libvirtd: invalid option -- 'h'
>
> Usage:
> libvirtd [options]
>
> Options:
> -v | --verbose Verbose messages.
> -d | --daemon Run as a daemon & write PID file.
>
2018 Aug 31
0
Certificates
On 08/31/2018 01:47 PM, Chuck Campbell wrote:
> I am getting myself confused, and need someone who fully understands
> this process to help me out a bot.
>
> I would like to obtain an ssl certificate, so I can run my own imap
> server on a machine in my office.
>
> My domain is hosted by networksolutions, but I don't run my imap
> server there.
>
>
> I am
2019 Sep 19
0
Re: Certificate checking on TLS migrations to an IP address
On Wed, Sep 18, 2019 at 12:18:32PM +0200, Milan Zamazal wrote:
> Daniel P. Berrangé <berrange@redhat.com> writes:
>
> > On Wed, Sep 04, 2019 at 03:38:25PM +0200, Milan Zamazal wrote:
> >> Hi, I'm trying to add TLS migrations to oVirt, but I've hit a problem
> >> with certificate checking.
> >
> >>
> >> oVirt uses the destination
2014 Feb 16
2
libvirtd ssl configuration
Hi!
I found little semantics bug:
[13:53:40] root@dedicated-04:~ # LC_ALL=C libvirtd -h
libvirtd: invalid option -- 'h'
Usage:
libvirtd [options]
Options:
-v | --verbose Verbose messages.
-d | --daemon Run as a daemon & write PID file.
-l | --listen Listen for TCP/IP connections.
-t | --timeout <secs> Exit after timeout period.
-f |