diff options
| author | Gurucharan Shetty <gshetty@nicira.com> | 2015-08-19 15:42:07 -0700 |
|---|---|---|
| committer | Gurucharan Shetty <gshetty@nicira.com> | 2015-08-21 15:36:54 -0700 |
| commit | 5bf6cbd6961f22a99df799ea0f3e816792ba42c3 (patch) | |
| tree | 00c4919baac8e3691ad61c76d82da1a2f2d40879 /ovsdb | |
| parent | 36561090182f5bd90725f3724bbf4d9f60e8b8fa (diff) | |
| download | openvswitch-5bf6cbd6961f22a99df799ea0f3e816792ba42c3.tar.gz | |
ovsdb-server: Add the ability to push peer-cert.
In OVN, ovsdb-server is the daemon that manages the databases
and can be called as the central controller. So it would be
nice for ovsdb-server to be able to push its self-signed
certificate to all the other nodes where ovn-controller runs.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Diffstat (limited to 'ovsdb')
| -rw-r--r-- | ovsdb/ovsdb-server.1.in | 2 | ||||
| -rw-r--r-- | ovsdb/ovsdb-server.c | 6 |
2 files changed, 8 insertions, 0 deletions
diff --git a/ovsdb/ovsdb-server.1.in b/ovsdb/ovsdb-server.1.in index e33d718cb..e340993f7 100644 --- a/ovsdb/ovsdb-server.1.in +++ b/ovsdb/ovsdb-server.1.in @@ -21,6 +21,7 @@ ovsdb\-server \- Open vSwitch database server .so lib/vlog-syn.man .so lib/ssl-syn.man .so lib/ssl-bootstrap-syn.man +.so lib/ssl-peer-ca-cert-syn.man .so lib/unixctl-syn.man .so lib/common-syn.man . @@ -111,6 +112,7 @@ as the file name. (This means that ordinarily there should be at most one row in \fItable\fR.) .so lib/ssl.man .so lib/ssl-bootstrap.man +.so lib/ssl-peer-ca-cert.man .SS "Other Options" .so lib/unixctl.man .so lib/common.man diff --git a/ovsdb/ovsdb-server.c b/ovsdb/ovsdb-server.c index cd13b0de1..4088d8544 100644 --- a/ovsdb/ovsdb-server.c +++ b/ovsdb/ovsdb-server.c @@ -1252,6 +1252,7 @@ parse_options(int *argcp, char **argvp[], OPT_UNIXCTL, OPT_RUN, OPT_BOOTSTRAP_CA_CERT, + OPT_PEER_CA_CERT, VLOG_OPTION_ENUMS, DAEMON_OPTION_ENUMS }; @@ -1266,6 +1267,7 @@ parse_options(int *argcp, char **argvp[], DAEMON_LONG_OPTIONS, VLOG_LONG_OPTIONS, {"bootstrap-ca-cert", required_argument, NULL, OPT_BOOTSTRAP_CA_CERT}, + {"peer-ca-cert", required_argument, NULL, OPT_PEER_CA_CERT}, {"private-key", required_argument, NULL, 'p'}, {"certificate", required_argument, NULL, 'c'}, {"ca-cert", required_argument, NULL, 'C'}, @@ -1325,6 +1327,10 @@ parse_options(int *argcp, char **argvp[], bootstrap_ca_cert = true; break; + case OPT_PEER_CA_CERT: + stream_ssl_set_peer_ca_cert_file(optarg); + break; + case '?': exit(EXIT_FAILURE); |