You need other options if you key file is password-protected, see manual page for details. David Alexandre DERUMIER píše v Čt 18. 04. 2013 v 14:25 +0200: > Hello, > > I'm trying to use ssl with certificates in differents locations, and I can get it work with x509-cacert-file,x509-key-file,x509-cert-file options instead x509-dir. > > Does I miss something ? > > > > working: > -------- > server : -spice tls-port=60101,disable-ticketing,x509-dir=/etc/pki/libvirt-spice > > > client : spicec -h kvmtest1.odiso.net -s 60101 --ca-file ca-cert.pem > > non working : > ------------- > server : -spice tls-port=60101,disable-ticketing,x509-cacert-file=/etc/pki/libvirt-spice/ca-cert.pem,x509-key-file=/etc/pki/libvirt-spice/server-key.pem,x509-cert-file=/etc/pki/libvirt-spice/server-cert.pem > > client : # spicec -h kvmtest1.odiso.net -s 60101 --ca-file ca-cert.pem > > > Error: SSL_CTX_load_verify_locations failed CA_file=ca-cert.pem > 140472726689016:error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib:by_file.c:280: > Warning: SSL Error: error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib > Error: failed to connect w/SSL, ssl_error error:00000005:lib(0):func(0):DH lib > Error: failed to connect w/SSL, ssl_error error:00000005:lib(0):func(0):DH lib > Warning: abort > Warning: SSL Error: error:00000000:lib(0):func(0):reason(0) > Warning: SSL Error: error:00000005:lib(0):func(0):DH lib > _______________________________________________ > Spice-devel mailing list > Spice-devel@xxxxxxxxxxxxxxxxxxxxx > http://lists.freedesktop.org/mailman/listinfo/spice-devel -- David Jaša, RHCE SPICE QE based in Brno GPG Key: 22C33E24 Fingerprint: 513A 060B D1B4 2A72 7F0D 0278 B125 CD00 22C3 3E24
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/spice-devel