- libssl, from OpenSSL, is optional but recommended if you plan to
connect the Open vSwitch to an OpenFlow controller. libssl is
required to establish confidentiality and authenticity in the
- connections from an Open vSwitch to an OpenFlow controller. To
- enable, configure with --enable-ssl=yes.
+ connections from an Open vSwitch to an OpenFlow controller. If
+ libssl is installed, then Open vSwitch will automatically build
+ with support for it.
To compile the kernel module, you must also install the following. If
you cannot build or install the kernel module, you may use the
configuration database, ovsdb-server. Each machine on which Open
vSwitch is installed should run its own copy of ovsdb-server.
Configure it to use the database you created during step 7 of
-installation, above, and to listen on a Unix domain socket, e.g.:
-
- % ovsdb-server /usr/local/etc/ovs-vswitchd.conf.db --remote=punix:/usr/local/var/run/openvswitch/db.sock
+installation, above, to listen on a Unix domain socket, to connect to
+any managers specified in the database itself, and to use the SSL
+configuration in the database:
+
+ % ovsdb-server /usr/local/etc/ovs-vswitchd.conf.db \
+ --remote=punix:/usr/local/var/run/openvswitch/db.sock \
+ --remote=db:Open_vSwitch,managers \
+ --private-key=db:SSL,private_key \
+ --certificate=db:SSL,certificate \
+ --bootstrap-ca-cert=db:SSL,ca_cert
Then initialize the database using ovs-vsctl. This is only
necessary the first time after you create the database with