qemu.conf: Re-word the description for *_tls_x509_verify

The original descirption for *_tls_x509_verify is a little misleading
by saying that "Enabling this option will reject any client who does
not have a ca-cert.pem certificate".

Signed-off-by: Fangge Jin <fjin@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
index a96bedb114d21d737bcb802feebc7a3add8896ae..6f7d2b14f7a2c08c9619dd81aad6825fec98512d 100644 (file)
--- a/src/qemu/qemu.conf
+++ b/src/qemu/qemu.conf
@@ -109,9 +109,8 @@
 # issuing an x509 certificate to every client who needs to connect.
 #
 # Enabling this option will reject any client that does not have a
-# ca-cert.pem certificate signed by the CA in the vnc_tls_x509_cert_dir
-# (or default_tls_x509_cert_dir) as well as the corresponding client-*.pem
-# files described in default_tls_x509_cert_dir.
+# certificate (as described in default_tls_x509_verify) signed by the
+# CA in the vnc_tls_x509_cert_dir (or default_tls_x509_cert_dir).
 #
 # If this option is not supplied, it will be set to the value of
 # "default_tls_x509_verify".
@@ -248,9 +247,8 @@
 # issuing an x509 certificate to every client who needs to connect.
 #
 # Enabling this option will reject any client that does not have a
-# ca-cert.pem certificate signed by the CA in the chardev_tls_x509_cert_dir
-# (or default_tls_x509_cert_dir) as well as the corresponding client-*.pem
-# files described in default_tls_x509_cert_dir.
+# certificate (as described in default_tls_x509_verify) signed by the
+# CA in the chardev_tls_x509_cert_dir (or default_tls_x509_cert_dir).
 #
 # If this option is not supplied, it will be set to the value of
 # "default_tls_x509_verify".
@@ -375,9 +373,8 @@
 # issuing an x509 certificate to every client who needs to connect.
 #
 # Enabling this option will reject any client that does not have a
-# ca-cert.pem certificate signed by the CA in the migrate_tls_x509_cert_dir
-# (or default_tls_x509_cert_dir) as well as the corresponding client-*.pem
-# files described in default_tls_x509_cert_dir.
+# certificate (as described in default_tls_x509_verify) signed by the
+# CA in the migrate_tls_x509_cert_dir (or default_tls_x509_cert_dir).
 #
 # If this option is not supplied, it will be set to the value of
 # "default_tls_x509_verify".
@@ -412,9 +409,8 @@
 # issuing an x509 certificate to every client who needs to connect.
 #
 # Enabling this option will reject any client that does not have a
-# ca-cert.pem certificate signed by the CA in the backup_tls_x509_cert_dir
-# (or default_tls_x509_cert_dir) as well as the corresponding client-*.pem
-# files described in default_tls_x509_cert_dir.
+# certificate (as described in default_tls_x509_verify) signed by the
+# CA in the backup_tls_x509_cert_dir (or default_tls_x509_cert_dir).
 #
 # If this option is not supplied, it will be set to the value of
 # "default_tls_x509_verify".