[libvirt] libvirt tls vnc
Michael Kress
kress at hal.saar.de
Thu Feb 26 20:07:16 UTC 2009
Radek Hladik wrote:
> Michael Kress napsal(a):
>> 2009.02.26 19:09:44 LOG7[14644:3086588128]: Certificate:
>> /home/kress/keys/client-cert.pem
>> 2009.02.26 19:09:44 LOG7[14644:3086588128]: Certificate loaded
>> 2009.02.26 19:09:44 LOG7[14644:3086588128]: Key file:
>> /home/kress/keys/client-cert.pem
>> 2009.02.26 19:09:44 LOG3[14644:3086588128]: error stack: 140B3009 :
>> error:140B3009:SSL routines:SSL_CTX_use_RSAPrivateKey_file:PEM lib
>> 2009.02.26 19:09:44 LOG3[14644:3086588128]:
>> SSL_CTX_use_RSAPrivateKey_file: 906D06C: error:0906D06C:PEM
>> routines:PEM_read_bio:no start line
>> vncviewer: VNC server closed connection
>
> Is the private key stored in client-cert.pem with the certificate
> itself? I've noticed you generate client-key.pem but I am not sure
> whether you combine these two files somewhere. The lines from log
> state that the private key can not be found in
> /home/kress/keys/client-cert.pem
These are the contents (will change them anyways, so I can post them):
=================================
ca-cert.pem
=================================
-----BEGIN CERTIFICATE-----
MIIC4DCCAcqgAwIBAgIESabNHzALBgkqhkiG9w0BAQUwEzERMA8GA1UEAxMIbXlz
ZXJ2ZXIwHhcNMDkwMjI2MTcxMDU1WhcNMTAwMjI2MTcxMDU1WjATMREwDwYDVQQD
EwhteXNlcnZlcjCCAR8wCwYJKoZIhvcNAQEBA4IBDgAwggEJAoIBALnbDviQvkjf
MpNVtvFTQMgKbREF/DthdA0/1q+2a0o0C9x68OUbKZSjcMlMOnBTBqlVNQKUzjCQ
dOm+gjdGAdkd2knRamI2U45HhCFthpbVqtKOjFlGOF8SYUZWdyk5ZPd10icoZzmr
JuQU5548iz0T8NAHI0fulAQOwzWqAcsTenzQgfLZMHoJJzI9L6voyfl9vJ4kryMq
Q1krq/gCCKkTJ7GFxaypLgkvv9XbrH0B6B1OdAg+00n/zbiQ3397DJLD46Snuf+m
7jJTuvIUAwNINjqu0oaB/onHiVkwIXsU2uJ3Qa6kDUOZVdamg+4swZKvNYQ77BGv
NzNZc55j+m8CAwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMD
BwQAMB0GA1UdDgQWBBSt2uXIRM736ObtWlNLQz+iQj2sjTALBgkqhkiG9w0BAQUD
ggEBAKiPyK1g0Vt+7fHK8eUzlexPtBpLTv39QVDWuWU+sjlekJ3pDqXTD/a5Q6qk
LabR0vx1b2mGMu60aQu6PyQ+RQLHhnEVV3lvho2mHZX9yyHQ+qMBdrHG2LJptAs0
XhfQMjQ6EDfas4n5NoomE6bG7J19xNPBlHdgpW89j71QZRGGxDCyMXVM/XGnpue4
7xdiarXf6VNCQK4R1zE8lTxBDd0WNP/ouf5N9I1FDUY0hv6/iDJnBXATjp7m2yWq
P1VdTG5WmVURa3HyB2aEdBrgWheJAfQjLhwqUp2UP3J2q2AFaLvVu4+j6Q80HhXR
au3hltqODnruKdcJgYNr3+/Edjg=
-----END CERTIFICATE-----
=================================
cacert.pem
=================================
-----BEGIN CERTIFICATE-----
MIIC4DCCAcqgAwIBAgIESabNHzALBgkqhkiG9w0BAQUwEzERMA8GA1UEAxMIbXlz
ZXJ2ZXIwHhcNMDkwMjI2MTcxMDU1WhcNMTAwMjI2MTcxMDU1WjATMREwDwYDVQQD
EwhteXNlcnZlcjCCAR8wCwYJKoZIhvcNAQEBA4IBDgAwggEJAoIBALnbDviQvkjf
MpNVtvFTQMgKbREF/DthdA0/1q+2a0o0C9x68OUbKZSjcMlMOnBTBqlVNQKUzjCQ
dOm+gjdGAdkd2knRamI2U45HhCFthpbVqtKOjFlGOF8SYUZWdyk5ZPd10icoZzmr
JuQU5548iz0T8NAHI0fulAQOwzWqAcsTenzQgfLZMHoJJzI9L6voyfl9vJ4kryMq
Q1krq/gCCKkTJ7GFxaypLgkvv9XbrH0B6B1OdAg+00n/zbiQ3397DJLD46Snuf+m
7jJTuvIUAwNINjqu0oaB/onHiVkwIXsU2uJ3Qa6kDUOZVdamg+4swZKvNYQ77BGv
NzNZc55j+m8CAwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMD
BwQAMB0GA1UdDgQWBBSt2uXIRM736ObtWlNLQz+iQj2sjTALBgkqhkiG9w0BAQUD
ggEBAKiPyK1g0Vt+7fHK8eUzlexPtBpLTv39QVDWuWU+sjlekJ3pDqXTD/a5Q6qk
LabR0vx1b2mGMu60aQu6PyQ+RQLHhnEVV3lvho2mHZX9yyHQ+qMBdrHG2LJptAs0
XhfQMjQ6EDfas4n5NoomE6bG7J19xNPBlHdgpW89j71QZRGGxDCyMXVM/XGnpue4
7xdiarXf6VNCQK4R1zE8lTxBDd0WNP/ouf5N9I1FDUY0hv6/iDJnBXATjp7m2yWq
P1VdTG5WmVURa3HyB2aEdBrgWheJAfQjLhwqUp2UP3J2q2AFaLvVu4+j6Q80HhXR
au3hltqODnruKdcJgYNr3+/Edjg=
-----END CERTIFICATE-----
=================================
ca-key.pem
=================================
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAudsO+JC+SN8yk1W28VNAyAptEQX8O2F0DT/Wr7ZrSjQL3Hrw
5RsplKNwyUw6cFMGqVU1ApTOMJB06b6CN0YB2R3aSdFqYjZTjkeEIW2GltWq0o6M
WUY4XxJhRlZ3KTlk93XSJyhnOasm5BTnnjyLPRPw0AcjR+6UBA7DNaoByxN6fNCB
8tkwegknMj0vq+jJ+X28niSvIypDWSur+AIIqRMnsYXFrKkuCS+/1dusfQHoHU50
CD7TSf/NuJDff3sMksPjpKe5/6buMlO68hQDA0g2Oq7ShoH+iceJWTAhexTa4ndB
rqQNQ5lV1qaD7izBkq81hDvsEa83M1lznmP6bwIDAQABAoIBAADC7X5GNYld5Lqm
zL+TXD4VkNnTgPOLVCrjupDwueLNcMj/9fGyWUrDGqiwd8LTDEFwWG3Ax1F6nggB
IE5yqnpFvYm04m8xkskP8PIkHTuL942ySM/q0jtNe3mKzCUul4POB0TizP12/otL
rKFA1T80UDXB+bqHNzMHDnSvVB+NXJRe093M5JJ5rjx0SfsSzhB1e7sOwlyAOOw+
FsgYTWSaTg9lCMoLp1B24Yb29G25tLwRZVkZINaZSS70R+5fcLBRzxX2JS/FmlwM
21Xt/R+cCVYIW8zM6XM/6CQQZoXzsQudBRzvk03mOJzpXXC1BHI5soJXZlFviYlf
bkcLPaECgYEAw8BHAZo1SRDK0jjb8aHftPC8nFbAMUIaRS+Adj78ad+oSIup2WEi
eC4VXleYYp0zMsJjJeV466qNpaNTBzA9XDcMI1EtiPn6UaJZBObQcdZtTKM+5pPz
23HTHiVJ7P5JWY7kMnuGnDne8c2AaTtmacVPB4FsDQqD4njZ1S1atM8CgYEA8w8Z
PunLHeIXCgAHrjM86eCqEAf/gPfdiHIejb21itreFU3QTmx5fuuaJobcaxKwPHuw
RY99Bt67TYPgCjgBFiEVR3UatK00Wibk5ANTuZpZS7sBe0oR80RtIkq+E7v+hF9u
IsmUZKrWB2zODUgHgf/Ff35evGJcdbVJIRZxCGECgYA7ji1MRIF/uFcsvFXWXxxz
rWaE3jPdCLJ7aCdaUnFzOLO3Vp6XX2EgVUz1Bgt7vT4NbGzD49v1P0+XHGivYDLa
8niD6jfDW+KXoaAZyKuUZtucHHKPrmXb1vaXTlr+eqMQV1QAM+rRbx3wTUiLO6I9
/eS8cNjR4ugbKA+GNyVIqwKBgQDn8pen9xnzeYd87oxly9WsZs5DoC5Ol7sb87N+
lfSB/t2CPRC1VkUXPqSLcZU0xM/T2EFeEFFC1hiuH1QUzF8VDBsvZuxGUSethIJX
qWkjrMzcPShrzEKXAMyYtfTwBi4biqoinnVzH6hBy65S9FLd1wRU53ZmlgMf/RE9
dxoE4QKBgQC1pGzpYsyrQfV6ZYRBN9OQoU24Hn4yTvT0wGJGUiVTyAVgoVWWQPec
2e+jkH12jhYq1Aw9Wh7C7sPGPuyxL4Olobgmmx3vsNQvITk468dIahQD6lGEi8qM
nQDpx8xPYHtTvrdojB8iHA8YzfA4XvzTZ8Hhn8RhS3PcYH0FYDRwHg==
-----END RSA PRIVATE KEY-----
=================================
client-cert.pem
=================================
-----BEGIN CERTIFICATE-----
MIIDXzCCAkmgAwIBAgIESabNHzALBgkqhkiG9w0BAQUwEzERMA8GA1UEAxMIbXlz
ZXJ2ZXIwHhcNMDkwMjI2MTcxMDU1WhcNMTAwMjI2MTcxMDU1WjBfMQswCQYDVQQG
EwJERTEXMBUGA1UEChMObXlvcmdhbml6YXRpb24xEDAOBgNVBAcTB0hvbWJ1cmcx
ETAPBgNVBAgTCFNhYXJsYW5kMRIwEAYDVQQDEwlsb2NhbGhvc3QwggEfMAsGCSqG
SIb3DQEBAQOCAQ4AMIIBCQKCAQCawDoza7KFSs6ysAqdRjh6QTTBkkj4VEvD1fgJ
B+Vm04YVnxlbkzvcI0UvO6Xt/yr3sAj6Nx6hYezP+hmr2r2fj3W5VMkYXAsJVB3F
HMNGfm9XVvKwSEDpz5UEgXKP2rzN6x168S9HeqlLiVj/QDnZfoRBu4SNBOCOcPpz
iB391KXylMoIydh+74LkNqXx5g+DqSz3fWrViBv9XJ8ZCHfKSDGAVivHetOTv4R2
Kkb0UA2+Geul1qo4j7VsICSIeidGXU2FQctXDNt/Oeom0vwWvN6cLAts58y8sl8D
zw68p/sUHYYT3YpjmZ8xYPzUre9KnBvxCK21H4EOavfls3XXAgMBAAGjdjB0MAwG
A1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweg
ADAdBgNVHQ4EFgQUormnYZdAF9y6nJGOixTZbCSIFrQwHwYDVR0jBBgwFoAUrdrl
yETO9+jm7VpTS0M/okI9rI0wCwYJKoZIhvcNAQEFA4IBAQArsy5kFv5fz7YBllgZ
4MIg3Fi4czGWR/V5GO2462vMa/2f8V9t9yEgLFeXDyq8UYcjzmcY3N/p6kyzNy9g
ultf97jW/+WB11yaCHTj0RQ2talZxkvMc2lMpSqvsRdx5MA0Q6Xu8DQo9Ie8OHi3
jNOCRIvjy8f3+FJixcgz7qyIvvqrrHNc+E4eHXGYMtKPAAqc+IGUEUepkbgrEBKP
Q/qs8xg0T1vCAIZvto6yo7urRfC5n/qNkHiGd2bGbXv719qaYM2wbMEeDexrLRPW
f0Lkj2hLD7hTRkjAoqh/wCKYjTyYLZJtX7V2m0BJ6UxR5AIvbpratMyYuXL+zOcr
HhYM
-----END CERTIFICATE-----
=================================
client-key.pem
=================================
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAmsA6M2uyhUrOsrAKnUY4ekE0wZJI+FRLw9X4CQflZtOGFZ8Z
W5M73CNFLzul7f8q97AI+jceoWHsz/oZq9q9n491uVTJGFwLCVQdxRzDRn5vV1by
sEhA6c+VBIFyj9q8zesdevEvR3qpS4lY/0A52X6EQbuEjQTgjnD6c4gd/dSl8pTK
CMnYfu+C5Dal8eYPg6ks931q1Ygb/VyfGQh3ykgxgFYrx3rTk7+EdipG9FANvhnr
pdaqOI+1bCAkiHonRl1NhUHLVwzbfznqJtL8FrzenCwLbOfMvLJfA88OvKf7FB2G
E92KY5mfMWD81K3vSpwb8QittR+BDmr35bN11wIDAQABAoIBAAmdeABJ6MWvaDhi
B8bN3iR6eLSuSipj0nFQkiC9hNtmuSYOxJyUAVwkNOBCbITlHd5V6bjiQ9zzIKur
dnzfEnkfiMkDI5uH3Iev2kmtB9URdgmPNXUOiDn+09t7z4pwpNqGiUZiRfXDAVHY
LtdtPirtWXpcFFhOvUUcb/NNuc9Tll29pTnsjEh35/mQnThFQfug/iaPxYm6f46P
hsnpzsCMIpa6rO2HqMMN30D4c9fnDe97gzX4LqL6EbX4MszTOF/4QKEiRl8jOvNF
dSTNyF/guzbpttbHu5Qrfb7w0nhbaJTFoji7+W+T7dRb9rCYfuGBMeYkIWm1Ts2h
EbHvXAECgYEAwapRygjaOmD5gyP8saGgNKjHd+3F0ZX6Zrm8Ynhu4y4WjxzIf3ku
Jy/bE0gJqxHNZ0AAAa9TPtx01uZ7AZO1oa67GYVxtoL5HyqWzIVnbN2EC+fDvBeO
Y+fuwAupp1EbxlnzqZzTsV+Aa4uJN5wUDvyDMZUUwUgHS2dB5KirshcCgYEAzI9t
kF9iZvr+hXE6B990/YCqxiqKE1675fvDG1eil3rRX9He66oM6BH/dMYJK7SPXCX+
leCsXxcoJ3JpvYxHds5qVp2OOfUrvvCGa/K2rQtiX41e5S41jU0G5TqgCMq87s5k
xO3Y7Oka36M3I30Nlj8BEB84WjRXjHpn/Gq7ckECgYEAv+/FT66mWeVyZH5uGr5M
wOPljP6iZ610lgrOoekqPQ2YXg3wyCWZkEzlmp5ytpDWOdY8K29P2aU0Ryf2EQIL
qUo7NHgE0xXLQRA8lEZC0qpYDFSOsQPHo0xiWwM0CRdhp5vO2fML+2bjJ7MLM4oE
dzXb8HAIOebhE+IqdCyWvdECgYAwoGvAJRyENGgqmobb9j+eP2bZIqWeAygRfK6d
olBxR+3bpE0kolDdHeInBSiK7ioiEpoZUMZI+H1AG0+NknougNUAcAWuO1zBz/V0
VccdDZa99iI3wqtSQpxAA5alYGRXNFL6CTxG3QbZYLgrxH9lVubOyU0hDE4/g52S
gGC8wQKBgGAl5uTTzzpZ8N3n+qoF6Q01DsnqlJ6dnoVFLBse4PXBoAw0rxHBhjOW
3sGI/7gpuA7GhRshHQy7JRJU8qGwr3fAUjRUt9jMDIriUgqJXWb+DjnTzkDDgGjB
BZQiHWmFDI5dZeufbdfnei0VUcjs3ajM131rq3+vnsz1LXiQK56U
-----END RSA PRIVATE KEY-----
=================================
server-cert.pem
=================================
-----BEGIN CERTIFICATE-----
MIIDLjCCAhigAwIBAgIESabNHzALBgkqhkiG9w0BAQUwEzERMA8GA1UEAxMIbXlz
ZXJ2ZXIwHhcNMDkwMjI2MTcxMDU1WhcNMTAwMjI2MTcxMDU1WjAuMRgwFgYDVQQK
Ew9teSBvcmdhbml6YXRpb24xEjAQBgNVBAMTCWxvY2FsaG9zdDCCAR8wCwYJKoZI
hvcNAQEBA4IBDgAwggEJAoIBALxJ4SYt2HpAPBhYDAhtluv/qS+QmeUR0tQCyhsC
yBDVip0cLJGtogKRFgZjdOxg8jnKtN3yy5+FLFvLhTJyULeFgr+HJpIDpyL1EvcD
/Cj8I1i7nUoRJn8bDFAUD20/DOO6yIFElYnSngYAZK14ZabZnSoBdRZ30NQAohfC
77617WhwHIPy5ofInsmpW7UEZvtYs2AzNQZIumkoujcL0/4Df1PxfmRS21xQzg55
fdgX0sZ4G7heL4ML9AwGXuzdfByRn+vNosVoE87vZw9V+qkcYXB8IhjBi19PaPYF
Rfpvg0SmLduqnlNO0xwDPgyLXT8Uj8G5mw/6axq/e1LrTs8CAwEAAaN2MHQwDAYD
VR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AA
MB0GA1UdDgQWBBT6T5yqvjHnut3nkB79COhJ33T0GjAfBgNVHSMEGDAWgBSt2uXI
RM736ObtWlNLQz+iQj2sjTALBgkqhkiG9w0BAQUDggEBAF3tXwAz8nVaNAlKTJ3S
dFunWyWRorfEdPbDMD1MfVbbmwUMnVOCp2jtyLJgcwwyhi1QWphGHKPivRdgZ1po
mgBEvdmHU1/ednAWNIFNYuUAhD3el6CL6/wpoLfaWbhu8cMDIj4Jnd9IPKnu8qnD
B2htS8Jt4k2iWXK6/jqZ89Zl8hr5YTGtN5WXTKRUar+JHFbE23oZPLxAcHrtwrkD
yvYdxwzMScY+o/q1gDXbNydYDESN407uat6KaG6RhI+nJIfG/eJ0MaVFQulJG+SC
Ey0GmL6TlzvO+dMwlt7fgwSuLEQhU89aCaUbC59q0d8TqD/7fN9RqlwQkT0cs5uI
oXI=
-----END CERTIFICATE-----
=================================
server-key.pem
=================================
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAvEnhJi3YekA8GFgMCG2W6/+pL5CZ5RHS1ALKGwLIENWKnRws
ka2iApEWBmN07GDyOcq03fLLn4UsW8uFMnJQt4WCv4cmkgOnIvUS9wP8KPwjWLud
ShEmfxsMUBQPbT8M47rIgUSVidKeBgBkrXhlptmdKgF1FnfQ1ACiF8LvvrXtaHAc
g/Lmh8ieyalbtQRm+1izYDM1Bki6aSi6NwvT/gN/U/F+ZFLbXFDODnl92BfSxngb
uF4vgwv0DAZe7N18HJGf682ixWgTzu9nD1X6qRxhcHwiGMGLX09o9gVF+m+DRKYt
26qeU07THAM+DItdPxSPwbmbD/prGr97UutOzwIDAQABAoIBAChZ+Otytcr1Syu4
atO/kLGA9+QerCyAVltjQabqQLAC45Lp/880k9zS9RJnbB5gZGjoPTy3lNXZ93iw
tBnsj8nUzgF32FdAeygtt2PCsd6isnyIsJu38zUYOdpLgkbaVUvUsrWpWhbQUVdd
7DWU8MwCJQFkkJBBGzrj69kFyNVoz3devgKols/bjYnFWJhXGG5h+JGlE2P2TKzC
yGf/6b/3v6e/Uu9Qx7t8anpxsWYDfvaslfGi5lbpJs58+1YdZ+ixAev7trxCMoiq
hpt8QIkm9yaqhlHrCuN9e/PwDFC6eKU2pSJYC2naQgMyyEGTYiM8HmSivWTzo/pf
0TPo+OECgYEAz1g3d+JdY6h/6YkPQGfwc7hJmeEsB0YM1VygtnMXVNwv+EXymvvQ
AecMl4fivDHa47G5wu7iMO5bd9fArCS22Ak6it+k/ZOw13fSiaQP0r2WYATCa9i2
atqEywYa+Ikxu8Z3XDj0UzSIrUfOwKmMSyYFp2B7W8owFqGaVKLsvp8CgYEA6Hjq
ARu7Nu4KlS9XztNmNqOQdVmF6UoEulLOiEyBwuvGFTLxQp13VDsshLRV+uf3iyzP
wry/FsWMIJCUCrCD2qCoFzLOkmu3OKSFs85p+MunPw2t61HKQpyphtFGgklv6k/9
dBgcGKtdp3OyNlSx1FCcHrzVANBaMq4LQhHQ8dECgYAqmA21A/x5V4kHWY+XhIKh
0w7TnK0lxV8niYK+WEBHv3/fOcdPzUD60xMEIfcTAA7eTYlCoT44HQ8PPHQpKNWi
5apwEuda7Dcc3FGU0u4pNacpjHDAJOG8a61x44ww2EYuM+QbPtv6J8WYCzNO4sWe
Pm5U5v4QaiWc0I/aqSmHMwKBgAmqhWhYY9dr3GrJligWaCibcnU+rK+/kSTCLq5C
KB8XuJvHC3sOmxiYgUhfSzfsj0FtMpJRUMy8mA/+kvlCz6i2h2a3iRlTe0HSrXCF
g6iBp0ma4wFm3Dca1n2xk/H05b9jZhF+syRfc7xzthRGP0Kpu2QXy++FukpjLDqq
DPsRAoGBAImoCRO1G3S6FGpTeLxBF3xPOs3sItY72+xNqmWUZMXo4cm23vJl0L11
mOvR9heJnyWvMHS4PPHPaKL+CKAIGgZobvzrxOGmq/C8ujNgqS1QbNnQgKhpI9Cs
ax5pKXBqh3XZ2VUjJZTr/BqBo0YZTN0lC21wIrc7krHxcNm6NnZ8
-----END RSA PRIVATE KEY-----
Regards
Michael
--
Michael Kress, kress at hal.saar.de
http://www.michael-kress.de / http://kress.net
P E N G U I N S A R E C O O L
More information about the libvir-list
mailing list