[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt-users] Using certtool to generate certificates for ESXi



On Tue, Oct 29, 2013 at 06:48:46PM -0700, Shiva Bhanujan wrote:
> Hello,
> 
> I'm using certtool to generate the server certificates for ESXi -
> http://libvirt.org/remote.html#Remote_TLS_CA.  I just copy the server
> certificate and key as /etc/vmware/ssl/rui.crt and /etc/vmware/ssl/rui.key.
>  And then use virsh to connect from a CentOS 6.4 VM running on it - "virsh
> -c esx://<esx IP>.  I get the following error -
> 
> error: internal error curl_easy_perform() returned an error: Peer
> certificate cannot be authenticated with known CA certificates (60) : Peer
> certificate cannot be authenticated with known CA certificates
> error: failed to connect to the hypervisor
> 
> is there something basic that I'm missing?

I'm not sure what you're missing, but the error message means that the
VMWare server certificate was not signed by any CA certificate that
the libvirt client has access to. So it is a client side CA cert config
problem most likely.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]