Description of problem: Support specifying an x509 certificate location in the URI, or via an auth callback. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
commit 31242565ae9a9217fb790baf89da56f5a35dc0f6 Author: Osier Yang <jyang> Date: Thu Jan 27 16:34:54 2011 +0800 remote: Add extra parameter pkipath for URI This new parameter allows user specifies where the client cerficate, client key, CA certificate of x509 is, instead of hardcoding it. If 'pkipath' is not specified, and the user is not root, try to find files in $HOME/.pki/libvirt, as long as one of client cerficate, client key, CA certificate can not be found, use default global location (LIBVIRT_CACERT, LIBVIRT_CLIENTCERT, LIBVIRT_CLIENTKEY, see src/remote/remote_driver.h) Example of use: [root@Osier client]# virsh -c qemu+tls://10.66.93.111/system?pkipath=/tmp/pki/client error: Cannot access CA certificate '/tmp/pki/client/cacert.pem': No such file or directory error: failed to connect to the hypervisor [root@Osier client]# ls -l total 24 -rwxrwxr-x. 1 root root 6424 Jan 24 21:35 a.out -rw-r--r--. 1 root root 1245 Jan 23 19:04 clientcert.pem -rw-r--r--. 1 root root 132 Jan 23 19:04 client.info -rw-r--r--. 1 root root 1679 Jan 23 19:04 clientkey.pem [root@Osier client]# cp /tmp/cacert.pem . [root@Osier client]# virsh -c qemu+tls://10.66.93.111/system?pkipath=/tmp/pki/client Welcome to virsh, the virtualization interactive terminal. Type: 'help' for help with commands 'quit' to quit virsh #