From: Chen Hanxiao <chenhanxiao@xxxxxxxxx> Provide more details related to the requirement that setting one of the values requires setting all of them. Signed-off-by: Chen Hanxiao <chenhanxiao@xxxxxxxxx> --- v3: description updated follow John's comments v2: fix a typo daemon/libvirtd.conf | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/daemon/libvirtd.conf b/daemon/libvirtd.conf index 8e0c0d96d..91b3f47de 100644 --- a/daemon/libvirtd.conf +++ b/daemon/libvirtd.conf @@ -182,6 +182,20 @@ # TLS x509 certificate configuration # +# Use of TLS requires that x509 certificates be issued. The default locations +# for the certificate files is as follows: +# +# /etc/pki/CA/cacert.pem - The CA master certificate +# /etc/pki/libvirt/servercert.pem - The server certificate signed with +# the cacert.pem +# /etc/pki/libvirt/private/serverkey.pem - The server private key +# +# It is possible to override the default locations by altering the 'key_file', +# 'cert_file', and 'ca_file' values and uncommenting them below. +# +# NB, overriding the default of one location requires uncommenting and +# possibly additionally overriding the other settings. +# # Override the default server key file path # -- 2.14.3 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
