Once you have these files, configure ovs-vswitchd to use them using
the ovs-vsctl "set-ssl" command, e.g.:
- ovs-vsctl set-ssl /etc/vswitch/sc-privkey.pem /etc/vswitch/sc-cert.pem /etc/vswitch/cacert.pem
+ ovs-vsctl set-ssl /etc/openvswitch/sc-privkey.pem /etc/openvswitch/sc-cert.pem /etc/openvswitch/cacert.pem
Substitute the correct file names, of course, if they differ from the
ones used above. You should use absolute file names (ones that begin
OpenFlow") and you did not copy controllerca/cacert.pem from the PKI
machine to the Open vSwitch, then add the --bootstrap option, e.g.:
- ovs-vsctl -- --bootstrap set-ssl /etc/vswitch/sc-privkey.pem /etc/vswitch/sc-cert.pem /etc/vswitch/cacert.pem
+ ovs-vsctl -- --bootstrap set-ssl /etc/openvswitch/sc-privkey.pem /etc/openvswitch/sc-cert.pem /etc/openvswitch/cacert.pem
After you have added all of these configuration keys, you may specify
"ssl:" connection methods elsewhere in the configuration database.