Abhishek, Did you try "Decode As" feature on Wireshark? Because Wireshark has no knowledge that 6633/tcp is running atop SSL, it won't dissect the packets as SSL by default. If you explicitly specify so that Wireshark dissects the packets as SSL, then the packets will be dissected accordingly.
Regards, --- Motonori Shindo 2013/11/21 13:35、abhishek jain <ashujain9...@gmail.com> のメール: > Hi Ben, > > Thanks for guidance.The SSL connection worked.The OVS is showing "connected > true". > However when I capture wireshark packets between OVS and controller,I'm not > able to capture ssl packets between OVS and controller. > Can you help regarding this? > > > > On Wed, Nov 20, 2013 at 10:46 PM, Ben Pfaff <b...@nicira.com> wrote: > The log messages are as clear I can make them. You need to configure a > certificate and a private key. However you are doing it, you are doing > it wrong. The Open vSwitch automatic tests manage to do this just fine > whenever someone runs "make check" so I know that it works. > > On Wed, Nov 20, 2013 at 02:24:19PM +0530, sonia verma wrote: > > Hi Ben > > > > I have performed all the configuration described in OVS.Is there anything > > else which I need to configure? > > I'm using OVS versioon 1-11 for this. > > > > > > > > On Wed, Nov 20, 2013 at 12:21 PM, Ben Pfaff <b...@nicira.com> wrote: > > > > > It looks like you didn't configure a private key and a certificate. > > > > > > On Wed, Nov 20, 2013 at 12:15:46PM +0530, abhishek jain wrote: > > > > Hi Ben > > > > > > > > I have followed the same process as described in INSTALL.SSL but still > > > the > > > > result is same. > > > > Can you help regarding this? > > > > > > > > > > > > > > > > On Wed, Nov 20, 2013 at 11:19 AM, Ben Pfaff <b...@nicira.com> wrote: > > > > > > > > > On Wed, Nov 20, 2013 at 11:08:34AM +0530, abhishek jain wrote: > > > > > > Thanks for your help. > > > > > > I'm getting following error when configuring OVS for ssl. > > > > > > > > > > > > stream_ssl|ERR|Certificate must be configured to use SSL > > > > > > 2013-11-20T05:29:49Z|00598|rconn|WARN|br0<->ssl:192.168.6.129:6633: > > > > > > connection failed (Protocol not available) > > > > > > 2013-11-20T05:29:57Z|00599|stream_ssl|ERR|Private key must be > > > configured > > > > > to > > > > > > use SSL > > > > > > 2013-11-20T05:29:57Z|00600|stream_ssl|ERR|Certificate must be > > > configured > > > > > to > > > > > > use SSL > > > > > > 2013-11-20T05:29:57Z|00601|rconn|WARN|br0<->ssl:192.168.6.129:6633: > > > > > > connection failed (Protocol not available) > > > > > > 2013-11-20T05:30:05Z|00602|stream_ssl|ERR|Private key must be > > > configured > > > > > to > > > > > > use SSL > > > > > > 2013-11-20T05:30:05Z|00603|stream_ssl|ERR|Certificate must be > > > configured > > > > > to > > > > > > use SSL > > > > > > 2013-11-20T05:30:05Z|00604|rconn|WARN|br0<->ssl:192.168.6.129:6633: > > > > > > connection failed (Protocol not available) > > > > > > 2013-11-20T05:30:13Z|00605|stream_ssl|ERR|Private key must be > > > configured > > > > > to > > > > > > use SSL > > > > > > 2013-11-20T05:30:13Z|00606|stream_ssl|ERR|Certificate must be > > > configured > > > > > to > > > > > > use SSL > > > > > > 2013-11-20T05:30:13Z|00607|rconn|WARN|br0<->ssl:192.168.6.129:6633: > > > > > > connection failed (Protocol not available) > > > > > > 2013-11-20T05:30:21Z|00608|stream_ssl|ERR|Private key must be > > > configured > > > > > to > > > > > > use SSL > > > > > > 2013-11-20T05:30:21Z|00609|stream_ssl|ERR|Certificate must be > > > configured > > > > > to > > > > > > use SSL > > > > > > 2013-11-20T05:30:21Z|00610|rconn|WARN|br0<->ssl:192.168.6.129:6633: > > > > > > connection failed (Protocol not available) > > > > > > 2013-11-20T05:30:21Z|00611|fail_open|INFO|Still in fail-open mode > > > after > > > > > > 1479 seconds disconnected from controller > > > > > > > > > > > > Do you know how to deal with that. > > > > > > > > > > I would start by reading INSTALL.SSL. > > > > > > > > _______________________________________________ > > > discuss mailing list > > > discuss@openvswitch.org > > > http://openvswitch.org/mailman/listinfo/discuss > > > > > _______________________________________________ > discuss mailing list > discuss@openvswitch.org > http://openvswitch.org/mailman/listinfo/discuss --- Motonori Shindo _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
