Re: How to migrate over TCP without certs

On Wed, Sep 12, 2012 at 07:20:15PM -0500, Renich Bon Ciric wrote:
> Hey guys,
> 
> I have a private network and I trust it! /me hides behind trees...
> 
> So, in order to exercise my trust, I wanna migrate guests over TCP;
> with and without shared storage.
> 
> This is:
> 
> - I want to migrate from host1 to host2; which have shared storage;
> over TCP without certs
> - I want to migrate from host1 to host99, which don't have shared
> storage, over TCP without certs
> 
> I am asking because, every time I try anything, it complains:
> error: Cannot read CA certificate '/etc/pki/CA/cacert.pem': No such
> file or directory
> 
> If I need to setup this cacert, no problem; point me to it!

The libvirtd config defaults to TLS, so you need to explicitly
turn that off by editing /etc/libvirt/libvirtd.conf and set
listen_tls=0 and listen_tcp=1

Even though you "trust" your network, I'd still advise doing
some level of auth. If you configure SASL with TCP, and use
the Digest-MD5 protocol for SASL you'll get reasonably
strong password auth + channel encryption.

  http://libvirt.org/auth.html#ACL_server_username

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|
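
The libvirtd.conf settings discussed in the reply above, checked by a small audit script. This is an added example, not part of the original message or libvirt's own code; the `auth_tcp` key and the default values are assumptions based on a stock libvirtd.conf, and the sample configs are constructed.

```python
import re

# Assumed defaults (from the comments in a stock libvirtd.conf): TLS listener on,
# plain TCP listener off, SASL required on TCP.
DEFAULTS = {"listen_tls": "1", "listen_tcp": "0", "auth_tcp": "sasl"}
_ASSIGN = re.compile(r'^\s*(\w+)\s*=\s*"?([^"\s]*)"?\s*$')

def effective_settings(conf_text):
    """Parse libvirtd.conf text; return the audited keys with defaults applied."""
    settings = dict(DEFAULTS)
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0]  # drop comments; audited values never contain '#'
        match = _ASSIGN.match(line)
        if match and match.group(1) in settings:
            settings[match.group(1)] = match.group(2)
    return settings

def audit(conf_text):
    """Return (severity, message) findings for the remote listener setup."""
    s = effective_settings(conf_text)
    findings = []
    if s["listen_tcp"] == "1":
        if s["auth_tcp"] == "none":
            findings.append(("high", "plain TCP listener accepts unauthenticated connections"))
        else:
            findings.append(("info", "plain TCP listener protected by auth_tcp=" + s["auth_tcp"]))
    if s["listen_tls"] == "1":
        findings.append(("info", "TLS listener enabled; needs CA and server certificates"))
    if s["listen_tcp"] != "1" and s["listen_tls"] != "1":
        findings.append(("info", "no remote listener enabled"))
    return findings

# Constructed sample configs, not taken from a real host.
NO_AUTH = '''
listen_tls = 0
listen_tcp = 1
auth_tcp = "none"   # trusting the network
'''
WITH_SASL = '''
listen_tls=0
listen_tcp=1
#auth_tcp = "none"
auth_tcp = "sasl"
'''

if __name__ == "__main__":
    for name, text in (("NO_AUTH", NO_AUTH), ("WITH_SASL", WITH_SASL)):
        for severity, message in audit(text):
            print(f"{name}: [{severity}] {message}")
```

An empty config reports only the TLS listener, which matches the CA certificate error in the question: with defaults in effect, the daemon expects certificates.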
