• A
    conf: Introduce TLS options for VxHS block device clients · bd6fdcd8
    Ashish Mittal 提交于
    Add a new TLS X.509 certificate type - "vxhs". This will handle the
    creation of a TLS certificate capability for properly configured
    VxHS network block device clients.
    
    The following describes the behavior of TLS for VxHS block device:
    
      (1) Two new options have been added in /etc/libvirt/qemu.conf
          to control TLS behavior with VxHS block devices
          "vxhs_tls" and "vxhs_tls_x509_cert_dir".
      (2) Setting "vxhs_tls=1" in /etc/libvirt/qemu.conf will enable
          TLS for VxHS block devices.
      (3) "vxhs_tls_x509_cert_dir" can be set to the full path where the
          TLS CA certificate and the client certificate and keys are saved.
          If this value is missing, the "default_tls_x509_cert_dir" will be
          used instead. If the environment is not configured properly the
          authentication to the VxHS server will fail.
    Signed-off-by: NAshish Mittal <Ashish.Mittal@veritas.com>
    Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
    bd6fdcd8
test_libvirtd_qemu.aug.in 3.4 KB