I try to deploy openvswitch with ipsec function on centos9. Then I install openvswitch-ipsec package with other dependencies. I set up the ipsec tunnel with PSK . It works well. However there are some error when I change to use self-signed cert. The libreswan uses nss database for ipsec, so it is unable to assign the path of cert and private key to the openvswitch.
[root@localhost ~]# yum install openvswitch3.1-ipsec.x86_64
Last metadata expiration check: 0:00:12 ago on Thu 14 Sep 2023 05:32:18 PM CST.
Dependencies resolved.
==============================================================================================================================================================
Package Architecture Version Repository Size
==============================================================================================================================================================
Installing:
openvswitch3.1-ipsec x86_64 3.1.0-36.el9s centos-nfv-openvswitch 27 k
Installing dependencies:
ldns x86_64 1.7.1-11.el9 appstream 161 k
libreswan x86_64 4.12-1.el9 appstream 1.3 M
openvswitch-selinux-extra-policy noarch 1.0-31.el9s centos-nfv-openvswitch 14 k
openvswitch3.1 x86_64 3.1.0-36.el9s centos-nfv-openvswitch 6.8 M
python3-openvswitch3.1 x86_64 3.1.0-36.el9s centos-nfv-openvswitch 267 k
Hi,maintainers
I try to deploy openvswitch with ipsec function on centos9. Then I install
openvswitch-ipsec
package with other dependencies. I set up the ipsec tunnel withPSK
. It works well. However there are some error when I change to useself-signed cert.
The libreswan uses nss database for ipsec, so it is unable to assign the path of cert and private key to the openvswitch.