[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] PATCH 7/8: command line args for x509 cert paths
From: |
Daniel P. Berrange |
Subject: |
Re: [Qemu-devel] PATCH 7/8: command line args for x509 cert paths |
Date: |
Wed, 1 Aug 2007 17:31:13 +0100 |
User-agent: |
Mutt/1.4.1i |
On Tue, Jul 31, 2007 at 08:54:09PM -0500, Anthony Liguori wrote:
> Daniel P. Berrange wrote:
> >This final code patch adds 4 new command line arguments to QEMU to allow
> >the
> >certificate files to be specified. The '-x509cacert', '-x509cert' and
> >'-x509key'
> >parameters are mandatory if the 'x509' or 'x509verify' flags are used when
> >setting up the VNC server. If the certificates are not provided, all client
> >authentication attempts will be rejected.
> >
>
> It concerns me a little to add 4 new command line options. Perhaps just
> supply a directory and hard code the names of each file? Then it could
> even be specified as -vnc
> [proto]:<proto-arg>[,tls[,x509[:/path/to/x509/certs]]] with a
> reasonable default provided.
Including it as part of the main vnc arg would be nice as it'd let the admin
set/change it from the monitor too. Merely specifying a directory would be
fine with me - its trivial to symlink files if the admin wants to store them
in some other way.
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [Qemu-devel] PATCH 7/8: command line args for x509 cert paths,
Daniel P. Berrange <=