Table of Contents
Advertisement
Figure 65 Components that reference OpenFlow keystore and truststore
REST authentication
The HPE VAN SDN Controller relies on token-based authentication to authenticate most of its
REST APIs. All REST APIs except the /auth and /rsdoc APIs require an authentication token
embedded in an X-Auth-Token header to be included with each REST request. The /auth
API allows you to obtain a token, while the /rsdoc API provides REST API documentation
information about the controller's REST API.
CAUTION:
browser and in PDF format in the Hewlett Packard Enterprise Information Library for SDN. The
RSdoc for your controller can also contain REST API documentation added by applications
installed on the controller. Although the RSdoc API explorer interacts directly with the controller
REST API, RSdoc is not intended as a management or configuration interface. Use caution when
using the Try it out! button for POST or PUT methods because this action can result in changes
to your current controller environment.
Requests to the controller using the POST method of the cms/client/event resource can be
authenticated using client certificate-based authentication instead of token-based authentication.
For details on the Client Mapper Service that allows integration with an external policy manager
such as Aruba ClearPass Policy Manager, see
When you use certificate-based authentication, the controller authenticates the REST API request
by verifying the certificate presented by the client when the SSL connection is established against
the client certificate in the controller truststore.
Requirements for controller environment when using certificate-based
authentication
For the controller or for each controller in the team these requirements must be met:
The certificate for the client, an external policy manager such as Aruba ClearPass, must be
imported in to the truststore of the controller.
The issuer CN (common name) of the certificate must be entered for the value of the
clearpass.cert.cn key of the
com.hp.sdn.cms.impl.ClientMapperServiceProvider controller configurable
component.
114
Security
The HPE VAN SDN Controller REST API documentation is accessible from a web
"Using an external policy manager" (page
211).
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the HPE VAN SDN Controller 2.7 and is the answer not in the manual?