45 lines
1.4 KiB
Diff
45 lines
1.4 KiB
Diff
From c50a7108b0090fdce43c7f9d0cef9c905c989cc5 Mon Sep 17 00:00:00 2001
|
|
Message-ID: <c50a7108b0090fdce43c7f9d0cef9c905c989cc5.1752837271.git.jdenemar@redhat.com>
|
|
From: Peter Krempa <pkrempa@redhat.com>
|
|
Date: Tue, 1 Jul 2025 13:46:59 +0200
|
|
Subject: [PATCH] kbase: tlscerts: Drop 'encryption_key' feature request
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
As TLS 1.3 performs key exchange separately from the algorithm used to
|
|
verify authenticity, the certificates for libvirt's use of TLS don't
|
|
need to require the 'encryption_key' feature any more.
|
|
|
|
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
|
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
(cherry picked from commit 3da460236968be1c67a38a01711d46cb257a7125)
|
|
|
|
https://issues.redhat.com/browse/RHEL-100711
|
|
---
|
|
docs/kbase/tlscerts.rst | 2 --
|
|
1 file changed, 2 deletions(-)
|
|
|
|
diff --git a/docs/kbase/tlscerts.rst b/docs/kbase/tlscerts.rst
|
|
index e4aa5bb3c9..215d454998 100644
|
|
--- a/docs/kbase/tlscerts.rst
|
|
+++ b/docs/kbase/tlscerts.rst
|
|
@@ -204,7 +204,6 @@ define the server as follows:
|
|
ip_address = 2001:cafe::74
|
|
ip_address = fe20::24
|
|
tls_www_server
|
|
- encryption_key
|
|
signing_key
|
|
|
|
The 'cn' field should refer to the fully qualified public hostname of the
|
|
@@ -298,7 +297,6 @@ briefly cover the steps.
|
|
organization = Libvirt Project
|
|
cn = client1
|
|
tls_www_client
|
|
- encryption_key
|
|
signing_key
|
|
|
|
and sign by doing:
|
|
--
|
|
2.50.1
|