C613-50631-01 Rev A Command Reference for IE340 Series 2612
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
OPENFLOW COMMANDS
OPENFLOW
SSL PEER CERTIFICATE
openflow ssl peer certificate
Overview Use this command to enable a peer certificate to be sent from the machine that the
OpenFlow Controller is running.
Use the no variant of this command to disable a peer certificate from being sent
from the machine that the OpenFlow Controller is running.
Syntax
openflow ssl peer certificate {<file>|bootstrap}
no openflow ssl peer certificate
Default Peer certificate validation is disabled by default.
Mode Global Configuration
Usage notes This command enables or disables peer certification on an OpenFlow Controller.
Example To validate a peer certificate using the bootstrap mode, use the commands:
awplus# configure terminal
awplus(config)# openflow ssl peer certificate bootstrap
To disable peer certificate validation, use the commands:
awplus# configure terminal
awplus(config)# no openflow ssl peer certificate
Related
commands
show openflow ssl
openflow controller
Command
changes
Version 5.4.7-1.1: command added
Version 5.4.7-2.1: command added to IE300, IE500 series products
Version 5.4.8-0.2: added to SBx908 GEN2
Version 5.4.8-1.1: added to IE210L series products
Parameter Description
<file> The CA certificate of an OpenFlow Controller must be in PEM
format and specified with an absolute path using the format
flash:cacert.pem. ď€
You must copy the file from the machine on which the OpenFlow
Controller is running beforehand to the OpenFlow switch.
bootstrap In bootstrap mode, when the switch first connects to the
OpenFlow Controller, it accepts and saves to RAM a self-signed CA
certificate sent from the Controller. Thereafter, the OpenFlow
switch will only connect to OpenFlow Controllers signed by the
same CA certificate.
To Next Page
Loading...
Need help?
General
