Template: openvswitch-switch/discover
Type: note
-_Description: Preparing to discover controller.
+_Description: Preparing to discover controller
The setup program will now attempt to discover the OpenFlow controller.
Controller discovery may take up to 30 seconds. Please be patient.
.
PKI server can be reached through it.
Template: openvswitch-switch/verify-controller-ca
-Type: select
-_Choices: yes, no
-Default: yes
+Type: boolean
+Default: true
_Description: Is ${fingerprint} the controller CA's fingerprint?
If a man-in-the-middle attack is possible in your network
environment, check that the controller CA's fingerprint is really
- ${fingerprint}. Answer "yes" if it matches, "no" if
+ ${fingerprint}. Answer "true" if it matches, "false" if
there is a discrepancy.
.
If a man-in-the-middle attack is not a concern, there is no need to
- verify the fingerprint. Simply answer "yes".
+ verify the fingerprint. Simply answer "true".
Template: openvswitch-switch/send-cert-req
-Type: select
-_Choices: yes, no
-Default: yes
+Type: boolean
+Default: true
_Description: Send certificate request to switch CA?
Before it can connect to the controller over SSL, the Open vSwitch's
key must be signed by the switch certificate authority (CA) located
the OpenFlow controller. A signing request can be sent to the PKI
server now.
.
- Answer "yes" to send a signing request to the switch CA now. This is
+ Answer "true" to send a signing request to the switch CA now. This is
ordinarily the correct choice. There is no harm in sending a given
signing request more than once.
.
- Answer "no" to skip sending a signing request to the switch CA.
+ Answer "false" to skip sending a signing request to the switch CA.
Unless the request has already been sent to the switch CA, manual
sending of the request and signing will be necessary.
available at ${pki-uri}.
Template: openvswitch-switch/fetch-switch-cert
-Type: select
-_Choices: yes, no
+Type: boolean
_Description: Fetch signed switch certificate from PKI server?
Before it can connect to the controller over SSL, the Open vSwitch's
key must be signed by the switch certificate authority (CA) located
certificate has not yet been retrieved. Manual action may need to be
taken at the PKI server to approve the signing request.
.
- Answer "yes" to attempt to retrieve the signed switch certificate
+ Answer "true" to attempt to retrieve the signed switch certificate
from the switch CA. If the switch certificate request has been
signed at the PKI server, this is the correct choice.
.
- Answer "no" to postpone switch configuration. The configuration
+ Answer "false" to postpone switch configuration. The configuration
process must be restarted later, when the switch certificate request
has been signed.
return 'skip' if -e $cert_file;
for (;;) {
- db_set('send-cert-req', 'yes');
+ db_set('send-cert-req', 'true');
db_input('send-cert-req');
return 'prev' if db_go();
- return 'next' if db_get('send-cert-req') eq 'no';
+ return 'next' if db_get('send-cert-req') eq 'false';
my $pki_uri = db_get('pki-uri');
my ($pki_base_uri) = $pki_uri =~ m%^([^/]+://[^/]+)/%;
db_subst('verify-controller-ca', 'fingerprint', $cacert_fingerprint);
db_input('verify-controller-ca');
return 'prev' if db_go();
- return 'next' if db_get('verify-controller-ca') eq 'yes';
+ return 'next' if db_get('verify-controller-ca') eq 'true';
unlink($cacert_file);
return 'prev';
},
return 'skip' if -e $cert_file;
for (;;) {
- db_set('fetch-switch-cert', 'yes');
+ db_set('fetch-switch-cert', 'true');
db_input('fetch-switch-cert');
return 'prev' if db_go();
- exit(1) if db_get('fetch-switch-cert') eq 'no';
+ exit(1) if db_get('fetch-switch-cert') eq 'false';
my $pki_uri = db_get('pki-uri');
my $url = "$pki_uri/switchca/certs/$req_fingerprint-cert.pem";
projects / openvswitch / commitdiff