These pages have covered setting up TLS on your virtualisation hosts.
Further information is available on several of the major items covered:
VNC Client configuration for TLS - Instructions for setting up several well known VNC client packages are on the VNC Client TLS Setup page.
libvirtd.conf - The libvirt daemon configuration file has more options than described in these pages. They are all shown and briefly described in the libvirt.org reference page.
certtool - The utility used to generate private keys and certificates, has its full manual page online. This includes both its command line options, and the options usable in the template file.
The X509 Trust Model - The GnuTLS pages have useful information describing the X509 certificate trust model.