GitHub user dcontiveros-nf closed a discussion: Quick question about keystore (jks) requirement
Hello fellow cloudstack users/admins. I had a quick question concerning JKS requirements. From what I understand, this is the join procedure from an agent's viewpoint: 1. The agent communicates to the management server on port `8250`, 2. A certificate sent over the handshake and entries added to `cloud.jks`. 3. Libvirt transfers will only work for this: > Starting 4.11.1, a KVM host is considered secured when it has its keystore > and certificates setup for both the agent and libvirtd process. A secured > host will only allow and initiate TLS enabled live Instance migration. This > requires libvirtd to listen on default port 16514, and the port to be allowed > in the firewall rules Is there a way to disable this functionality? We are in PoC stage and starting to fully automate a lot of these prereqs. We have some custom tooling around `.jks` generation, but am just wondering if this part is mandatory for functionality. Thanks! GitHub link: https://github.com/apache/cloudstack/discussions/10784 ---- This is an automatically sent email for users@cloudstack.apache.org. To unsubscribe, please send an email to: users-unsubscr...@cloudstack.apache.org
