libvirtd --listen fails with: Cannot read CA certificate '/etc/pki/CA/cacert.pem': No such file or directory
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libvirt (Ubuntu) |
Won't Fix
|
Medium
|
Unassigned |
Bug Description
Attempting to run libvirtd directly and enable the remote network driver, I run libvirtd with:
% sudo service libvirt-bin stop
% sudo /usr/sbin/libvirtd -v --listen
2012-04-11 18:27:53.674+0000: 6018: info : libvirt version: 0.9.8
2012-04-11 18:27:53.674+0000: 6018: error : virNetTLSContex
I believe the ubuntu equivalent is /etc/ca-
/etc/libvirt/
Here's the relevant section:
#######
#
# TLS x509 certificate configuration
#
# Override the default server key file path
#
#key_file = "/etc/pki/
# Override the default server certificate file path
#
#cert_file = "/etc/pki/
# Override the default CA certificate path
#
#ca_file = "/etc/pki/
# Specify a certificate revocation list.
#
# Defaults to not using a CRL, uncomment to enable it
#crl_file = "/etc/pki/
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: libvirt-bin 0.9.8-2ubuntu15
ProcVersionSign
Uname: Linux 3.2.0-22-virtual x86_64
ApportVersion: 2.0-0ubuntu4
Architecture: amd64
Date: Wed Apr 11 18:29:31 2012
Ec2AMI: ami-7569b01c
Ec2AMIManifest: (unknown)
Ec2Availability
Ec2InstanceType: t1.micro
Ec2Kernel: aki-825ea7eb
Ec2Ramdisk: unavailable
ProcEnviron:
TERM=xterm
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: libvirt
UpgradeStatus: No upgrade log present (probably fresh install)
Changed in libvirt (Ubuntu): | |
importance: | Undecided → Medium |
status: | New → Confirmed |
Thanks for reporting this bug.
Per the Ubuntu server guide (https:/ /help.ubuntu. com/10. 04/serverguide/ C/certificates- and-security. html) I believe the location should be /etc/ssl/certs/. However I'm not sure whether we want to set the default in libvirtd.conf to a sample certificate, or leave it invalid to encourage admins to create their own certificate.