On Mon, Dec 10, 2018 at 01:36:37PM +0300, Anastasiya Ruzhanskaya wrote: > Ok, thank you. I will play around with it. > > I also noticed, that libvirt does not use this SNI extension. Actually,this > not needed here, as we have only one location for server certificate, but > this requires some modifications in mitmproxy, as for example tls in web > browsers always include this SNI extensions. SNI is not relevant to libvirt as it does not use HTTP / virtual hosting. It is a completely custom binary protocol > Are there maybe other big differences in tls implementation in libvirt or > maybe some assumptions that are taken during tls handhake process? Libvirt just uses gnutls which is a standard impl. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
