% ovs-pki req+sign ctl controller
ctl-privkey.pem and ctl-cert.pem would need to be copied to the
-controller for its use at runtime. If you were to use ovs-controller,
+controller for its use at runtime. If you were to use test-controller,
the simple OpenFlow controller included with Open vSwitch, then the
--private-key and --certificate options, respectively, would point to
these files.
"tcp:" connection methods are still allowed even after SSL has been
configured, so for security you should use only "ssl:" connections.
-Unlike most Open vSwitch settings, the SSL settings are read only
-once, at ovs-vswitchd startup time. For changes to take effect,
-ovs-vswitchd must be killed and restarted.
-
Reporting Bugs
--------------