HP OpenFlow 1.3 Administrator Guide Wired Switches K/KA/KB/WB 15.15
C Configuring secure connection HP VAN SDN controller
HP Switches running OpenFlow can securely connect to HP VAN SDN controller.
Follow the procedures to accomplish the secure connection.
1. On the HP Switch running OpenFlow, create a crypto profile.
Syntax
crypto pki ta-profile VanProfile
2. Copy root certificate to the HP switch using this command:
Syntax
copy tftp ta-certificate VanProfile [103.0.11.34] HpRoot.pem
3. Create an identity profile on the HP switch using this command:
Syntax
crypto pki identity-profile VanIdentity subject [common-name]
4. Make a certificate signing request.
Syntax
crypto pki create-csr certificate-name Vancert ta-profile
VanProfile usage openflow
5. Copy the CSR request text in step 4 and paste to a file named “switch.csr”
6. Execute the command:
Syntax
./signCSR.pl-in switch.csr-out switch-l 2
7. Execute the command:
Syntax
crypto pki install signed certificate
8. Copy and paste the contents of switch.pem into the HP switch console.
9. Configure OpenFlow to connect to the VAN SDN controller.
openflow
controller id 3 ip 103.0.11.31 port 6634 controller interface
vlan 1 instance "van"
member vlan 100
controller id 3 secure
version 1.3
limit hardware rate 10000000
limit software rate 10000
enable
exit
enable
76 Configuring secure connection HP VAN SDN controller