In Libreswan case, 'ovs-monitor-ipsec' incorrectly configures 'leftcert' and 'rightcert' names for self-signed certificates. This patch resolves that.
Signed-off-by: Mark Gray <[email protected]> --- ipsec/ovs-monitor-ipsec.in | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ipsec/ovs-monitor-ipsec.in b/ipsec/ovs-monitor-ipsec.in index b84608a55d8a..744d3b5f7d9c 100755 --- a/ipsec/ovs-monitor-ipsec.in +++ b/ipsec/ovs-monitor-ipsec.in @@ -424,8 +424,8 @@ conn prevent_unencrypted_vxlan right=$remote_ip leftid=@$local_name rightid=@$remote_name - leftcert="$local_name" - rightcert="$remote_name" + leftcert="ovs_certkey_$local_name" + rightcert="ovs_cert_$remote_name" leftrsasigkey=%cert"""), "pki_ca": Template("""\ left=%defaultroute @@ -686,7 +686,7 @@ conn prevent_unencrypted_vxlan if proc.returncode: raise Exception(proc.stderr.read()) except Exception as e: - vlog.err("Failed to import ceretificate into NSS.\n" + str(e)) + vlog.err("Failed to import certificate into NSS.\n" + str(e)) def _nss_delete_cert(self, name): try: @@ -698,7 +698,7 @@ conn prevent_unencrypted_vxlan if proc.returncode: raise Exception(proc.stderr.read()) except Exception as e: - vlog.err("Failed to delete ceretificate from NSS.\n" + str(e)) + vlog.err("Failed to delete certificate from NSS.\n" + str(e)) def _nss_import_cert_and_key(self, cert, key, name): try: -- 2.26.2 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
