[libvirt-users] Using certtool to generate certificates for ESXi

Daniel P. Berrange berrange at redhat.com
Wed Oct 30 09:45:11 UTC 2013


On Tue, Oct 29, 2013 at 06:48:46PM -0700, Shiva Bhanujan wrote:
> Hello,
> 
> I'm using certtool to generate the server certificates for ESXi -
> http://libvirt.org/remote.html#Remote_TLS_CA.  I just copy the server
> certificate and key as /etc/vmware/ssl/rui.crt and /etc/vmware/ssl/rui.key.
> And then use virsh to connect from a CentOS 6.4 VM running on it - "virsh
> -c esx://<esx IP>".  I get the following error -
> 
> error: internal error curl_easy_perform() returned an error: Peer
> certificate cannot be authenticated with known CA certificates (60) : Peer
> certificate cannot be authenticated with known CA certificates
> error: failed to connect to the hypervisor
> 
> Is there something basic that I'm missing?

I'm not sure what you're missing, but the error message means that the
VMware server certificate was not signed by any CA certificate that
the libvirt client has access to. So it is a client-side CA cert config
problem most likely.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|
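
The trust check behind that error can be reproduced offline. The script below is an added example, not part of the original thread: it uses openssl in place of certtool, and every file name, subject and directory in it is constructed for the demo. It signs a server certificate with a private CA, then verifies it against a bundle that lacks that CA and against one that contains it.

```shell
#!/bin/sh
# Constructed demo: all file names, subjects and the temp directory are made up.
# openssl stands in for certtool here; the trust check is the same.

# Build a private CA, a server cert signed by it, and an unrelated CA in dir $1.
make_demo_pki() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo private CA" \
        -keyout "$d/cakey.pem" -out "$d/cacert.pem" 2>/dev/null || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Unrelated CA" \
        -keyout "$d/otherkey.pem" -out "$d/other-ca.pem" 2>/dev/null || return 1
    openssl req -newkey rsa:2048 -nodes -subj "/CN=esx.example.test" \
        -keyout "$d/rui.key" -out "$d/rui.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/rui.csr" -days 1 -CA "$d/cacert.pem" \
        -CAkey "$d/cakey.pem" -CAcreateserial -out "$d/rui.crt" 2>/dev/null
}

# Print the issuer of certificate $1: the CA the client must trust.
issuer_of() {
    openssl x509 -in "$1" -noout -issuer
}

# Succeed only if certificate $2 chains to a CA in bundle $1.
chains_to() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

run_demo() {
    tmp=$(mktemp -d) || return 1
    make_demo_pki "$tmp" || { rm -rf "$tmp"; return 1; }
    issuer_of "$tmp/rui.crt"
    for bundle in other-ca.pem cacert.pem; do
        if chains_to "$tmp/$bundle" "$tmp/rui.crt"; then
            echo "$bundle: server certificate verifies"
        else
            echo "$bundle: issuer not in bundle (what curl reports as error 60)"
        fi
    done
    rm -rf "$tmp"
}

run_demo
```

To check a real setup, pass the client's CA bundle and the server certificate to `chains_to` in place of the demo files.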



