Re: Using pki/ssl/tls connection.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Wed, May 03, 2023 at 17:38:16 +0200, Kamil Jońca wrote:
> I am thinking of using tls connection between my client and server
> instead of current ssh.
> I found
> and I want to know if it is
> possible to customise some setting (e.g. use my own cert names, or
> locations)
> but I was not able to.

Server-side location of the certificates can be configured in the
appropriate config file based on how your host is configured (
/etc/libvirt/virtproxyd.conf, /etc/libvirt/libvirtd.conf, you also need
to enable virtpoxyd's TLS socket).

In the config file you have the following config options:

key_file, cert_file, ca_file, crl_file

> Moreover
> suggests that these values are hardcoded.

The client file names need to conform to the expected values.

> So my questions are: is it possible to customise these values? If so,
> how? How can I configure virt-manager with two connections, each with
> different CA?

The path to the directory containing the certificates can be changed per
connection using the 'pkipath' URI argument. See:

[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux