-
Task
-
Resolution: Done
-
Medium
-
None
-
None
Goal: Whoever installs ONAP with AAF gets CertService up and running
CoS:
- CertService's helm chart adjusted to ONAP best practices (e.g. common template usage, global variables obey, etc)
- OOM contains following new global configuration parameters:
- enablers:
- cmpv2_enabled - controls CertService deployment and CertService's client calls in other ONAP components; partially controls EJBCA deployment; default: disabled
- cmpv2_testing - controls (toghether with CMPv2_enabled) EJBCA deployment; default: disabled
- properties for CertService's client:
- cmpv2_issuer - name of CMPv2 issuer which should enroll certificates for ONAP border components; default value should match EJBCA configuration
- cmpv2_country - country which will be used by CertService's clients to enroll certificates; default: US
- cmpv2_organization - organization name which will be used by CertService's clients to enroll certificates; default: ONAP
- cmpv2_state - province, region, county or state which will be used by CertService's clients to enroll certificates; default: California
- cmpv2_organization_unit - organization unit name which will be used by CertService's clients to enroll certificates; default: <<empty value>>
- cmpv2_location - location which will be used by CertService's clients to enroll certificates; default: <<empty value>>
- enablers:
- CertService deployed using OOM, but only if OOM flag (cmpv2_enabled) is enabled
- EJBCA is dependent chart to CertService and installed when cmpv2_enabled and cmpv2_testing are enabled
- When cmpv2_testing is enabled CertService's configuration (CMPv2 server details) bootstrapped with EJBCA information