[libvirt-users] libvirt authentication

Anastasiya Ruzhanskaya anastasiya.ruzhanskaya at frtk.ru
Mon Dec 11 06:25:16 UTC 2017

I also wanted to know,
where the information about current session is sent?
In which structures ( I actually didn't find this in code)?
Is it appended to every sent procedure or not? Or maybe libvirt checks in
some other way ?

Thank you.

2017-12-10 20:57 GMT+01:00 Anastasiya Ruzhanskaya <
anastasiya.ruzhanskaya at frtk.ru>:

> Hello,
> I am currently trying to install certificates for tls. By this time I have
> got some questions:
> 1) Is documentation in the web docs up-to-date regarding tls server,
> client, ca certificates? (actually I have some problems, but maybe this is
> due to smth has changed in certtools and was not updated in docs, perhaps
> some more fields are needed now).
> 2) there is a error in virt-pki-validate :
> when determining whether host name matches CN name you assume, that CN is
> standing in the end. So I get an error:
> The server certificate does not seem to match the host name
> hostname: "barni"
> Server certificate CN: "barni,O=libvirt.org"
> CN field is standing at the beginning of line.
> Seems that these are the appropriate lines in code:
> 258  S_HOST=`"$CERTOOL" -i --infile "$LIBVIRT/servercert.pem" | grep
> Subject: | sed 's+.*CN=\([a-zA-Z\. _-]*\)+\1+'`
> 259  if test "$S_HOST" != "`hostname -s`" && test "$S_HOST" != "`hostname`"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20171211/a4b10da3/attachment.htm>

More information about the libvirt-users mailing list