libvirt authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,
I am currently trying to install certificates for tls. By this time I have got some questions:
1) Is documentation in the web docs up-to-date regarding tls server, client, ca certificates? (actually I have some problems, but maybe this is due to smth has changed in certtools and was not updated in docs, perhaps some more fields are needed now).
2) there is a error in virt-pki-validate :
when determining whether host name matches CN name you assume, that CN is standing in the end. So I get an error:

The server certificate does not seem to match the host name
hostname: "barni"
Server certificate CN: "barni,O=libvirt.org"

CN field is standing at the beginning of line.

Seems that these are the appropriate lines in code:

258  S_HOST=`"$CERTOOL" -i --infile "$LIBVIRT/servercert.pem" | grep Subject: | sed 's+.*CN=\([a-zA-Z\. _-]*\)+\1+'`
259  if test "$S_HOST" != "`hostname -s`" && test "$S_HOST" != "`hostname`"
_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users
[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux