[Spice-devel] Why is the CA certificate needed on the SPICE server?
spadaccio at google.com
Wed Sep 7 07:40:54 PDT 2011
>> But what is the point of verifying a certificate that resides on the
>> server itself?
> It's not required. spice-server will happily startup and operate just fine
> without a ca certificate.
At least with qemu-kvm 0.14.1 and spice 0.8.2, the server fails to
start if the CA certificate is not specified:
do_spice_init: starting 0.8.2
reds_init_ssl: Could not use ca file
./startkvm: line 17: 10804 Aborted
Also the code in reds_init_ssl suggests that it tries to load the
default cert if one is not specified:
Maybe it is optional in the dev version?
More information about the Spice-devel