]> git.ipfire.org Git - thirdparty/libvirt.git/commitdiff
libvirtd: clarify the TLS conf default value setting
authorChen Hanxiao <chenhanxiao@gmail.com>
Sun, 21 Jan 2018 14:39:34 +0000 (22:39 +0800)
committerJohn Ferlan <jferlan@redhat.com>
Mon, 22 Jan 2018 16:02:51 +0000 (11:02 -0500)
Provide more details related to the requirement that setting one
of the values requires setting all of them.

Signed-off-by: Chen Hanxiao <chenhanxiao@gmail.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
daemon/libvirtd.conf

index 8e0c0d96d24aa4938b1cc5f09421600d2d549b18..91b3f47deccfd7da294c5355f7b0f1793700e6c0 100644 (file)
 # TLS x509 certificate configuration
 #
 
+# Use of TLS requires that x509 certificates be issued. The default locations
+# for the certificate files is as follows:
+#
+#   /etc/pki/CA/cacert.pem                 - The CA master certificate
+#   /etc/pki/libvirt/servercert.pem        - The server certificate signed with
+#                                            the cacert.pem
+#   /etc/pki/libvirt/private/serverkey.pem - The server private key
+#
+# It is possible to override the default locations by altering the 'key_file',
+# 'cert_file', and 'ca_file' values and uncommenting them below.
+#
+# NB, overriding the default of one location requires uncommenting and
+# possibly additionally overriding the other settings.
+#
 
 # Override the default server key file path
 #