On Thu, Nov 4, 2021 at 2:09 PM wrote:
> Hi,
>
> We have implemented SSL with the OVN. While using SSL with Global CA
> Signing registrar it works fine. When we use Self sign certificate with
> self-signed CA certificate it is showing below mentioned error.
>
> 2021-11-02 01:22:12.960 3124740 ERROR neutron.service OpenSSL.SSL.Error:
> [('SSL routines', 'tls_process_server_certificate', 'certificate verify
> failed')]
>
This looks like a message from OpenStack Neutron, and questions specific to
OpenStack Neutron may get better responses on the openstack-discuss mailing
list. But I will try to provide you with an answer, see below.
Kindly guide us regarding the method to implement self-signed certificate.
>
In general terms, you would need to provide all nodes with services that
want to talk to the OVN databases with a copy of the self-signed CA
certificate so that they can verify the authenticity of the server
certificate when establishing the connection. This is usually accomplished
by placing the file in a location such as
`/usr/local/share/ca-certificates` and then executing the
`update-ca-certificates`
tool.
--
Frode Nordahl
>
>
> ___
> discuss mailing list
> disc...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
