[Spice-devel] ssl work with x509-dir= but not with x509-cacert-file, x509-key-file, x509-cert-file ?
Alexandre DERUMIER
aderumier at odiso.com
Thu Apr 18 05:25:44 PDT 2013
Hello,
I'm trying to use ssl with certificates in differents locations, and I can get it work with x509-cacert-file,x509-key-file,x509-cert-file options instead x509-dir.
Does I miss something ?
working:
--------
server : -spice tls-port=60101,disable-ticketing,x509-dir=/etc/pki/libvirt-spice
client : spicec -h kvmtest1.odiso.net -s 60101 --ca-file ca-cert.pem
non working :
-------------
server : -spice tls-port=60101,disable-ticketing,x509-cacert-file=/etc/pki/libvirt-spice/ca-cert.pem,x509-key-file=/etc/pki/libvirt-spice/server-key.pem,x509-cert-file=/etc/pki/libvirt-spice/server-cert.pem
client : # spicec -h kvmtest1.odiso.net -s 60101 --ca-file ca-cert.pem
Error: SSL_CTX_load_verify_locations failed CA_file=ca-cert.pem
140472726689016:error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib:by_file.c:280:
Warning: SSL Error: error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib
Error: failed to connect w/SSL, ssl_error error:00000005:lib(0):func(0):DH lib
Error: failed to connect w/SSL, ssl_error error:00000005:lib(0):func(0):DH lib
Warning: abort
Warning: SSL Error: error:00000000:lib(0):func(0):reason(0)
Warning: SSL Error: error:00000005:lib(0):func(0):DH lib
More information about the Spice-devel
mailing list