On Mon, Jan 10, 2011 at 03:51:42PM +0100, Matthias Bolte wrote: > 2011/1/8 Justin Clift <jclift@xxxxxxxxxx>: > > Hi guys, > > > > Created the windows libvirt 0.8.7 installer using Matthias's updated scripting: > > > > Âhttp://libvirt.org/sources/win32_experimental/Libvirt-0.8.7-0.exe > > > > Does someone have time to test and confirm it's ok, before we point to it from > > the website? > > > > Arnaud, this version of the installer adds the virsh bin directory to the system PATH > > variable. ÂSo I'm thinking don't need to copy the libvirt dll's around, when using > > your C# bindings. > > > > If you've have time to test that, it would be great. ÂCould then update the web page > > with that info. :) > > > > Regards and best wishes, > > > > Justin Clift > > The readme suggests (at least to me) that the TLS certs for libvirt's > TLS transport and the ESX driver using HTTPS are the same: > > "TLS certificates are needed prior to connecting to either > QEMU instances with TLS, or connecting to VMware > ESX/vSphere." > > Yes, the ESX driver (actually libcurl) needs to know the cacert.pem > for the key that signed the HTTPS certificate in order to verify the > server's certificate. That's what you can disable using the > no_verify=1 query parameter. But HTTPS doesn't do mutual verification > as libvirt's TLS transport does. There is no clientcert/key.pem > involved in HTTPS. Actually HTTPS as a generic protcool *can* do mutual authentication requiring a client certificate - the Fedora build system uses this capability. Whether libcurl implements support for this, and whether VMWare ESX server requests it, are the actual questions to ask :-) Daniel -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list