Configuring passive SSL connection settings
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Specify a PKI domain for SSL. | ovsdb server pki domain domain-name | By default, no PKI domain is specified for SSL. |
3. (Optional.) Specify a CA certificate file for SSL. | ovsdb server bootstrap ca-certificate ca-filename | By default, SSL uses the CA certificate file in the PKI domain. If the specified CA certificate file does not exist, the device obtains a self-signed certificate from the controller. The obtained file uses the name specified for the ca-filename argument. |
4. Enable the device to listen for SSL connection requests. | ovsdb server pssl [ port port-number ] | By default, the device does not listen for SSL connection requests. You can specify only one port to listen for OVSDB SSL connection requests. Port 6640 is used if you do specify a port when you execute the command. |