[libvirt] [PATCH v3] libvirtd: clarify the TLS conf default value setting
Chen Hanxiao
chen_han_xiao at 126.com
Sun Jan 21 14:39:34 UTC 2018
From: Chen Hanxiao <chenhanxiao at gmail.com>
Provide more details related to the requirement that setting one
of the values requires setting all of them.
Signed-off-by: Chen Hanxiao <chenhanxiao at gmail.com>
---
v3:
description updated follow John's comments
v2:
fix a typo
daemon/libvirtd.conf | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/daemon/libvirtd.conf b/daemon/libvirtd.conf
index 8e0c0d96d..91b3f47de 100644
--- a/daemon/libvirtd.conf
+++ b/daemon/libvirtd.conf
@@ -182,6 +182,20 @@
# TLS x509 certificate configuration
#
+# Use of TLS requires that x509 certificates be issued. The default locations
+# for the certificate files is as follows:
+#
+# /etc/pki/CA/cacert.pem - The CA master certificate
+# /etc/pki/libvirt/servercert.pem - The server certificate signed with
+# the cacert.pem
+# /etc/pki/libvirt/private/serverkey.pem - The server private key
+#
+# It is possible to override the default locations by altering the 'key_file',
+# 'cert_file', and 'ca_file' values and uncommenting them below.
+#
+# NB, overriding the default of one location requires uncommenting and
+# possibly additionally overriding the other settings.
+#
# Override the default server key file path
#
--
2.14.3
More information about the libvir-list
mailing list