mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-25 01:34:11 +03:00
qemu.conf: Clarify the various _tls_x509_cert_dir descriptions
https://bugzilla.redhat.com/show_bug.cgi?id=1458630 Apparantly commit id 'dc4c2f75a' wasn't specific enough, so here's a few more clarifications.
This commit is contained in:
parent
9e02e4348c
commit
c9f7a04e28
@ -13,8 +13,9 @@
|
|||||||
#
|
#
|
||||||
# dh-params.pem - the DH params configuration file
|
# dh-params.pem - the DH params configuration file
|
||||||
#
|
#
|
||||||
# If the directory does not exist or contain the necessary files, QEMU
|
# If the directory does not exist, libvirtd will fail to start. If the
|
||||||
# domains will fail to start if they are configured to use TLS.
|
# directory doesn't contain the necessary files, QEMU domains will fail
|
||||||
|
# to start if they are configured to use TLS.
|
||||||
#
|
#
|
||||||
# In order to overwrite the default path alter the following. This path
|
# In order to overwrite the default path alter the following. This path
|
||||||
# definition will be used as the default path for other *_tls_x509_cert_dir
|
# definition will be used as the default path for other *_tls_x509_cert_dir
|
||||||
@ -87,8 +88,9 @@
|
|||||||
|
|
||||||
# In order to override the default TLS certificate location for
|
# In order to override the default TLS certificate location for
|
||||||
# vnc certificates, supply a valid path to the certificate directory.
|
# vnc certificates, supply a valid path to the certificate directory.
|
||||||
# If the provided path does not exist then the default_tls_x509_cert_dir
|
# If the provided path does not exist, libvirtd will fail to start.
|
||||||
# path will be used.
|
# If the path is not provided, but vnc_tls = 1, then the
|
||||||
|
# default_tls_x509_cert_dir path will be used.
|
||||||
#
|
#
|
||||||
#vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
|
#vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
|
||||||
|
|
||||||
@ -172,8 +174,9 @@
|
|||||||
|
|
||||||
# In order to override the default TLS certificate location for
|
# In order to override the default TLS certificate location for
|
||||||
# spice certificates, supply a valid path to the certificate directory.
|
# spice certificates, supply a valid path to the certificate directory.
|
||||||
# If the provided path does not exist then the default_tls_x509_cert_dir
|
# If the provided path does not exist, libvirtd will fail to start.
|
||||||
# path will be used.
|
# If the path is not provided, but spice_tls = 1, then the
|
||||||
|
# default_tls_x509_cert_dir path will be used.
|
||||||
#
|
#
|
||||||
#spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice"
|
#spice_tls_x509_cert_dir = "/etc/pki/libvirt-spice"
|
||||||
|
|
||||||
@ -224,8 +227,9 @@
|
|||||||
|
|
||||||
# In order to override the default TLS certificate location for character
|
# In order to override the default TLS certificate location for character
|
||||||
# device TCP certificates, supply a valid path to the certificate directory.
|
# device TCP certificates, supply a valid path to the certificate directory.
|
||||||
# If the provided path does not exist then the default_tls_x509_cert_dir
|
# If the provided path does not exist, libvirtd will fail to start.
|
||||||
# path will be used.
|
# If the path is not provided, but chardev_tls = 1, then the
|
||||||
|
# default_tls_x509_cert_dir path will be used.
|
||||||
#
|
#
|
||||||
#chardev_tls_x509_cert_dir = "/etc/pki/libvirt-chardev"
|
#chardev_tls_x509_cert_dir = "/etc/pki/libvirt-chardev"
|
||||||
|
|
||||||
@ -276,8 +280,9 @@
|
|||||||
# This is used to authenticate the VxHS block device clients to the VxHS
|
# This is used to authenticate the VxHS block device clients to the VxHS
|
||||||
# server.
|
# server.
|
||||||
#
|
#
|
||||||
# If the provided path does not exist then the default_tls_x509_cert_dir
|
# If the provided path does not exist, libvirtd will fail to start.
|
||||||
# path will be used.
|
# If the path is not provided, but vxhs_tls = 1, then the
|
||||||
|
# default_tls_x509_cert_dir path will be used.
|
||||||
#
|
#
|
||||||
# VxHS block device clients expect the client certificate and key to be
|
# VxHS block device clients expect the client certificate and key to be
|
||||||
# present in the certificate directory along with the CA master certificate.
|
# present in the certificate directory along with the CA master certificate.
|
||||||
@ -294,7 +299,8 @@
|
|||||||
|
|
||||||
# In order to override the default TLS certificate location for migration
|
# In order to override the default TLS certificate location for migration
|
||||||
# certificates, supply a valid path to the certificate directory. If the
|
# certificates, supply a valid path to the certificate directory. If the
|
||||||
# provided path does not exist then the default_tls_x509_cert_dir path
|
# provided path does not exist, libvirtd will fail to start. If the path is
|
||||||
|
# not provided, but migrate_tls = 1, then the default_tls_x509_cert_dir path
|
||||||
# will be used. Once/if a default certificate is enabled/defined, migration
|
# will be used. Once/if a default certificate is enabled/defined, migration
|
||||||
# will then be able to use the certificate via migration API flags.
|
# will then be able to use the certificate via migration API flags.
|
||||||
#
|
#
|
||||||
|
Loading…
Reference in New Issue
Block a user