[libvirt-users] Problems with tls connection when ran with user privileges
Pasquale Dir
phate867 at gmail.com
Wed Feb 26 15:31:33 UTC 2014
Ok I solved, it was just a problem with linux permits.
Anyway each time I make a connection I get this warning:
2014-02-26 13:03:25.035+0000: 10825: warning :
virNetTLSContextCheckCertKeyPurpose:364 : Certificate
/etc/pki/libvirt/clientcert.pem purpose does not allow use for with a TLS
client
I want to solve it or understand what it means and what problems could it
lead.
2014-02-26 14:05 GMT+01:00 Pasquale Dir <phate867 at gmail.com>:
> I set up my certificates, ca client and server, as described in your
> documentation: http://wiki.libvirt.org/page/TLSCreateServerCerts.
> I followed it step by step so it must be ok.
>
> However, when I run
> virsh -c qemu://192.168.1.2/system and I try a command like
> list --all
>
> I get:
> error: impossible connect to the hypervisor
> errore: no valid connection
> errore: Unable to set x509 CA certificate: /etc/pki/CA/cacert.pem: Error
> while reading file.
>
> If I run the same command with root privileges:
>
> virsh -c qemu://192.168.1.2/system
>
> everything works, anyway I get this warning too:
>
> 2014-02-26 13:03:25.035+0000: 10825: info : libvirt version: 1.1.1
> 2014-02-26 13:03:25.035+0000: 10825: warning :
> virNetTLSContextCheckCertKeyPurpose:364 : Certificate
> /etc/pki/libvirt/clientcert.pem purpose does not allow use for with a TLS
> client
>
> I don't know if it is a problem, I need to live migrate machines...
>
> Anyway, main problem is that I don't want to run virsh with root
> privileges.
> Where the problem is?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20140226/4c9fdf46/attachment.htm>
More information about the libvirt-users
mailing list