[ovs-discuss] OVSDB with SSL connection
paul at plumewifi.com
Fri Jan 6 01:50:45 UTC 2017
I am configuring ovsdb-server to connect to a remote manager using SSL. I
have the certificates configured, and the connection works as long as I do
not configure a ca-cert. Configuring a ca-cert causes server-side
certificate verification to fail in OpenSSL.
I believe this is because I am only allowed to insert an IP address for
remote manager target and the remote server is using a certificate
generated with it's DNS name, not IP address.
Is there a way (or any plans to support) providing a hostname target inside
the manager table? This would allow the OpenSSL library to properly verify
server-side certificate. Using per-IP certificates is not an option for us
to due to load balancing and scale.
Does not work: "ssl:manager.example.com:443"
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the discuss