Goal: Whoever installs ONAP with AAF gets CertService up and running

CoS:

• CertService's helm chart adjusted to ONAP best practices (e.g. common template usage, global variables obey, etc)
• OOM contains following new global configuration parameters:
  • enablers:
    • cmpv2_enabled - controls CertService deployment and CertService's client calls in other ONAP components; partially controls EJBCA deployment; default: disabled
    • cmpv2_testing - controls (toghether with CMPv2_enabled) EJBCA deployment; default: disabled
  • properties for CertService's client:
    • cmpv2_issuer - name of CMPv2 issuer which should enroll certificates for ONAP border components; default value should match EJBCA configuration
    • cmpv2_country - country which will be used by CertService's clients to enroll certificates; default: US
    • cmpv2_organization - organization name which will be used by CertService's clients to enroll certificates; default: ONAP
    • cmpv2_state - province, region, county or state which will be used by CertService's clients to enroll certificates; default: California
    • cmpv2_organization_unit - organization unit name which will be used by CertService's clients to enroll certificates; default: <<empty value>>
    • cmpv2_location - location which will be used by CertService's clients to enroll certificates; default: <<empty value>>
• CertService deployed using OOM, but only if OOM flag (cmpv2_enabled) is enabled
• EJBCA is dependent chart to CertService and installed when cmpv2_enabled and cmpv2_testing are enabled
• When cmpv2_testing is enabled CertService's configuration (CMPv2 server details) bootstrapped with EJBCA information