[ovs-discuss] SSL to controller
Gurucharan Shetty
shettyg at nicira.com
Thu Sep 19 14:30:03 UTC 2013
On Thu, Sep 19, 2013 at 5:09 AM, Prashant Chougule
<chougulepavan at gmail.com> wrote:
> hello,
>
> I am trying to connect ovs with floodlight controller over ssl but
> i am not able to connect,
> i have created keys for the controller and for switch using ovs-pki and try
> to connect using ovs-vsctl
> ./ovs-vsctl --certificate=ctl-cert.pem --private-key=ctl-privkey.pem
> --peer-ca-cert=../var/lib/openvswitch/pki/controllerca/cacert.pem
> set-controller br0 ssl:127.0.0.1:6634
Keep in mind a couple of things.
1) ovs-vswitchd should know the location of private key and certs. You
should either pass those location through command line to ovs-vswitchd
during startup or through the SSL table. (I see it as odd that you are
using it with ovs-vsctl)
2) "../var/lib/openvswitch/pki/controllerca/cacert.pem" hopefully is
something the controller is actually using as its cert.
> but not able to connect to controller controller gives me
> 17:39:49.181 [New I/O server worker #1-2] INFO n.f.core.internal.Controller
> - New switch connection from /127.0.0.1:40014
> 17:39:49.182 [New I/O server worker #1-2] INFO n.f.core.internal.Controller
> - Disconnected switch OFSwitchImpl [/127.0.0.1:40014 DPID[?]]
> such messages.
> am doing any wrong setp or anybody tell me how to set ssl between ovs and
> controller?
>
> --
> Thanks &Regards,
> Prashant Chougule.
>
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
>
More information about the discuss
mailing list