Hi Laszlo, If I generate the certificate like
openssl req -new -nodes -x509 -days 365 -keyout server.key -out server.crt -config config it works perfectly fine (with the original configuration). The problem stands with the *chain* of certificates, meaning that I have a root certificate (let's call it A) and sign another one for an IP (let's call it B). Then in the image server with such IP I set the certificate B, and in the VM I trust the certificate A. Unless I missed something, this scenario is not covered in https://listman.redhat.com/archives/edk2-devel-archive/2019-October/009601.html. Could you confirm this is supposed to work? Thank you very much for your time on this, I appreciate it! Jacopo -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110367): https://edk2.groups.io/g/devel/message/110367 Mute This Topic: https://groups.io/mt/102201552/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
