On Thu, Jan 05, 2017 at 05:50:45PM -0800, Paul White wrote: > I am configuring ovsdb-server to connect to a remote manager using SSL. I > have the certificates configured, and the connection works as long as I do > not configure a ca-cert. Configuring a ca-cert causes server-side > certificate verification to fail in OpenSSL. > > I believe this is because I am only allowed to insert an IP address for > remote manager target and the remote server is using a certificate > generated with it's DNS name, not IP address. > > Is there a way (or any plans to support) providing a hostname target inside > the manager table? This would allow the OpenSSL library to properly verify > server-side certificate. Using per-IP certificates is not an option for us > to due to load balancing and scale.
We'd accept a working patch. _______________________________________________ discuss mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
