diff --git a/docs/aclpolkit.html.in b/docs/aclpolkit.html.in index dae0814a82..dd4c5fb3ab 100644 --- a/docs/aclpolkit.html.in +++ b/docs/aclpolkit.html.in @@ -224,6 +224,10 @@
type
attribute specifies the usage category, currently
- only volume
, ceph
, and iscsi
- are defined. Specific usage categories are described below.
+ only volume
, ceph
, iscsi
,
+ and tls
are defined. Specific usage categories
+ are described below.
+ This secret may be used in order to provide the passphrase for the
+ private key used to provide TLS credentials.
+ The <usage type='tls'>
element must contain a
+ single name
element that specifies a usage name
+ for the secret.
+ Since 2.3.0.
+ The following is an example of the expected XML and processing to
+ define the secret:
+
+ # cat tls-secret.xml + <secret ephemeral='no' private='yes'> + <description>sample tls secret</description> + <usage type='tls'> + <name>TLS_example</name> + </usage> + </secret> + + # virsh secret-define tls-secret.xml + Secret 718c71bd-67b5-4a2b-87ec-a24e8ca200dc created + + # virsh secret-list + UUID Usage + ----------------------------------------------------------- + 718c71bd-67b5-4a2b-87ec-a24e8ca200dc tls TLS_example + # + ++ +
+ A secret may also be defined via the
+
+ virSecretDefineXML
API.
+
+ Once the secret is defined, a secret value will need to be set. The
+ secret would be the passphrase used to access the TLS credentials.
+ The following is a simple example of using
+ virsh secret-set-value
to set the secret value. The
+
+ virSecretSetValue
API may also be used to set
+ a more secure secret without using printable/readable characters.
+
+ # MYSECRET=`printf %s "letmein" | base64` + # virsh secret-set-value 718c71bd-67b5-4a2b-87ec-a24e8ca200dc $MYSECRET + Secret value set + ++