On Thu, Feb 28, 2013 at 11:44:02AM +0000, Richard W.M. Jones wrote: > > Still investigating, but the log is attached. > > Rich. > > -- > Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones > Read my programming blog: http://rwmj.wordpress.com > Fedora now supports 80 OCaml packages (the OPEN alternative to F#) > ========================================= > libvirt 1.0.2: tests/test-suite.log > ========================================= > > # TOTAL: 83 > # PASS: 80 > # SKIP: 2 > # XFAIL: 0 > # FAIL: 1 > # XPASS: 0 > # ERROR: 0 > > .. contents:: :depth: 2 > > FAIL: virnettlscontexttest > ========================== > > TEST: virnettlscontexttest > 1) TLS Context ... OK > 2) TLS Context ... OK > 3) TLS Context ... OK > 4) TLS Context ... OK > 5) TLS Context ... OK > 6) TLS Context ... libvir: XML-RPC error : Our own certificate servercert.pem failed validation against cacert5.pem: The certificate is not trusted. > FAILED In that test case we're creating a CA cert which has the key-usage policy set to "digital signature" instead of "key signing". However we also set the flag "non-critical" so a failing key usage policy check should still result in a pass from cert validation. Sounds like gnutls3 isn't liking this. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list