[libvirt] TLS for libvirt remote access

Zvi Dubitzky DUBI at il.ibm.com
Thu Mar 19 18:13:01 UTC 2009

After  generating TLS certificates for Libvirt remote access , I test the 
by running  pki_check.sh and get the following  message :
The CA certificate and the client certificate do not match

What can cause this message ?

I guess this is a problem as I am trying to access remotely the host 
machine and  fail 
with a message of  :libvir: Remote error : Connection refused

That happens even if I use a client and server on the same machine and try 
: sudo virsh -c qemu://localhost/defualt.
I am using libvirt 0.6.

can I get first a connection with no certificate/encryption by using URI = 
 qemu+tcp://...    by making the needed change on the libvirtd.conf file 
on the server side  ? that did not work either 

I followed the instructions in the Libvirt Web  Site (generate a CA 
private key and certificate  then the client and server keys and 
certificates and copy them to appropriate locations),. Also restarted the 
libvirtd  with the --listen --verbose flags  on the server side 

what  can be wrong with my steps  ?

Zvi Dubitzky 
Virtualization and System Architecture   Email:dubi at il.ibm.com
IBM Haifa Research Laboratory    Phone: +972-4-8296182
Haifa, 31905, ISRAEL 

More information about the libvir-list mailing list