[ovs-dev] [PATCH 3/3] ovs-pki: generate x.509 v3 certificate

Ben Pfaff blp at ovn.org
Tue Jul 3 20:04:11 UTC 2018


On Wed, Jun 27, 2018 at 10:58:44AM -0700, Qiuyu Xiao wrote:
> This patch modifies ovs-pki to generate x.509 version 3 certificate.
> Compared with the x.509 v1 certificate generated by ovs-pki, version 3
> certificate adds subjectAltName field and sets its value the same as
> common name (CN). The main reason for this change is to enable
> strongSwan IKE daemon to extract certificate identity string from the
> subjectAltName field, which makes OVN IPsec implementation easier.
> 
> Signed-off-by: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>

Please add an item to the top-level NEWS file that explains the change.

Thanks,

Ben.


More information about the dev mailing list