SSL configuration for an Open_vSwitch.
Summary:
private_key string
certificate string
ca_cert string
bootstrap_ca_cert boolean
Common Columns:
external_ids map of string-string pairs
Details:
private_key: string
Name of a PEM file containing the private key used as the
switch's identity for SSL connections to the controller.
certificate: string
Name of a PEM file containing a certificate, signed by the
certificate authority (CA) used by the controller and
manager, that certifies the switch's private key,
identifying a trustworthy switch.
ca_cert: string
Name of a PEM file containing the CA certificate used to
verify that the switch is connected to a trustworthy
controller.
bootstrap_ca_cert: boolean
If set to true, then Open vSwitch will attempt to obtain
the CA certificate from the controller on its first SSL
connection and save it to the named PEM file. If it is
successful, it will immediately drop the connection and
reconnect, and from then on all SSL connections must be
authenticated by a certificate signed by the CA
certificate thus obtained. This option exposes the SSL
connection to a man-in-the-middle attack obtaining the
initial CA certificate. It may still be useful for
bootstrapping.
Common Columns:
The overall purpose of these columns is described under Common
Columns at the beginning of this document.
external_ids: map of string-string pairs
