<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-2022-jp" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.18904">
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2 face="MS UI Gothic">Hi,</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic">I know this question has been asked a few
times before, but I am not able to connect to my xen hypervisor using a remote
uri.</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic">Here is how I access it:</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic">virsh -c xen://hostname/ list
--all</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic">Here is the error:</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic"><EM>libvir: Remote error : server
certificate failed validation: The certificate is not trusted.<BR>libvir: Remote
error : unable to connect to 'domain0.localdomain': Invalid
argument</EM></FONT></DIV>
<DIV><EM><FONT size=2 face="MS UI Gothic"></FONT></EM> </DIV>
<DIV><FONT size=2 face="MS UI Gothic">Here is the log output:</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic"><EM>09:36:17.124: error :
remoteCheckCertificate: the client certificate is not trusted.<BR>09:36:17.124:
error : remoteCheckCertificate: failed to verify client's
certificate<BR>09:36:17.124: error : gnutls_record_recv: A TLS packet with
unexpected length was received.</EM></FONT></DIV>
<DIV><EM><FONT size=2 face="MS UI Gothic"></FONT></EM> </DIV>
<DIV><FONT size=2 face="MS UI Gothic">I was able to connect using xen+tcp as
follows:</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic"><EM>virsh -c xen+tcp://hostname/ list
--all</EM></FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic">which gives me the expected list of
VMs.</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic">I am using libvirt version: </FONT><FONT
size=2 face="MS UI Gothic"><EM>libvirtd (libvirt) 0.6.3</EM></FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic">I created the tls certificates by foll the
instrucstions given here:</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"><A
href="http://libvirt.org/remote.html#Remote_certificates">http://libvirt.org/remote.html#Remote_certificates</A></FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic">I have a few questions regarding
them:</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic">1. While setting up CA, in the ca.info
file, what do the options "ca" and "cert_signing_key" mean?</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic">2. While setting up server certificate, in
the "server.info" file I added "cn=domain0.localdomain". because output of
</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic">"virsh hostname" is "domain0.localdomain",
I am correct in doing this?</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic">3. In "libvirtd.conf" file, what does the
option "listen_addr" exactly mean?</FONT></DIV>
<DIV><FONT size=2 face="MS UI Gothic"></FONT> </DIV>
<DIV><FONT size=2 face="MS UI Gothic">Thanks and Regards,<BR>Sagar
Barve</FONT></DIV></BODY></HTML>