@@ -41,6 +41,9 @@ Uncomment the lines: *spice_listen="0.0.0.0"*, *spice_tls=1* and *spice_tls_x50
Add path in Apparmor
--------------------
You may want to add this path to Apparmor, in some Linux distributions it is not
necessary, ie Ubuntu from 18.04.
Add ``/etc/pki/libvirt-spice/** r,`` in ``/etc/apparmor.d/abstractions/libvirt-qemu``
::
...
...
@@ -54,60 +57,12 @@ Add ``/etc/pki/libvirt-spice/** r,`` in ``/etc/apparmor.d/abstractions/libvirt-q
Create self signed certificate
------------------------------
Perform the following script, to generate the cert files for ssl , and then copy ``*.pem`` file into ``/etc/pkil/libvirt-spice`` directory: (`source <http://fedoraproject.org/w/index.php?title=QA:Testcase_Virtualization_Manually_set_spice_listening_port_with_TLS_port_set>`_)
Download and run the
`create_cert.sh <http://ravada.readthedocs.io/en/latest/docs/create_cert.sh>`__ script from this documentation.
Whatever method you use to generate the certificate and key files, the Common Name value used for the server and client certificates/keys must each differ from the Common Name value used for the CA certificate. Otherwise, the certificate and key files will not work for servers compiled using OpenSSL.