Hi Laszlo,

If I generate the certificate like

openssl req -new -nodes -x509 -days 365 -keyout server.key -out server.crt -config config

it works perfectly fine (with the original configuration).

The problem stands with the chain of certificates, meaning that I have a root certificate (let's call it A) and sign another one for an IP (let's call it B). Then in the image server with such IP I set the certificate B, and in the VM I trust the certificate A. Unless I missed something, this scenario is not covered in https://listman.redhat.com/archives/edk2-devel-archive/2019-October/009601.html .

Could you confirm this is supposed to work?

Thank you very much for your time on this, I appreciate it!

Jacopo

_._,_._,_
Groups.io Links:

You receive all messages sent to this group.

View/Reply Online (#110367) | | Mute This Topic | New Topic
Your Subscription | Contact Group Owner | Unsubscribe [rebecca@openfw.io]

_._,_._,_