Hello. I have a question about libvirt remote access. I read carefully
how to set up TLS authorization guide and I have done all the steps.
Everything works, but for my virtualization infrastructure I need more flexibility. How
can I configure a single host to trust more than one certificate authority.
Lets say, for example, that I have 10 virtualization hosts and each of them has
certificates signed by the same CA (lets say CA1) and they trust each other. But I have a
client which does not have a client certificate signed by CA1, but has a certificate signed by CA2. I do not want my virtualization hosts to trust the CA2 except for just one of them. I want to provide this client with authorized access to one of my hosts. So this specific host must trust CA1 and CA2 as well, but in the '/etc/libvirt/libvirtd.conf' file I can point the
certificate of only one CA. How can I set up such a configuration ? The same question is valid for the client. How can I configure a client to trust CA1 and CA2 ?
_______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
