the OpenFlow connections, increasing network security.
This file explains how to configure an Open vSwitch to connect to an
-OpenFlow controller over SSL. Refer to INSTALL.Linux for instructions
-on building Open vSwitch with SSL support.
+OpenFlow controller over SSL. Refer to INSTALL for instructions on
+building Open vSwitch with SSL support.
Open vSwitch uses TLS version 1.0 or later (TLSv1), as specified by
RFC 2246, which is very similar to SSL version 3.0. TLSv1 was
% ovs-pki req+sign ctl controller
ctl-privkey.pem and ctl-cert.pem would need to be copied to the
-controller for its use at runtime. If you were to use ovs-controller,
+controller for its use at runtime. If you were to use test-controller,
the simple OpenFlow controller included with Open vSwitch, then the
--private-key and --certificate options, respectively, would point to
these files.
"tcp:" connection methods are still allowed even after SSL has been
configured, so for security you should use only "ssl:" connections.
-Unlike most Open vSwitch settings, the SSL settings are read only
-once, at ovs-vswitchd startup time. For changes to take effect,
-ovs-vswitchd must be killed and restarted.
-
Reporting Bugs
--------------