-
Bug
-
Resolution: Done
-
Highest
-
Frankfurt Release
nbi certificates (in org.onap.nbi namespace) are present in the system but cannot be accessed:
- nbi@nbi.onap.org doesn't have any permissions
- aaf_admin@people.osaaf.org has permissions to access but not retrieve certificates
I've done in "shell" part of AAF gui :
role create org.onap.nbi.seeCerts perm grant org.onap.nbi.certman local request,ignoreIPs,showpass org.onap.nbi.seeCerts user role add aaf_admin@people.osaaf.org org.onap.nbi.seeCert
and now I can retrieve the certificates via aaf-init with following values:
Key | Value |
---|---|
APP_FQI | nbi@nbi.onap.org |
aaf_locate_url | https://aaf-locate.onap:8095 |
aaf_locator_container | oom |
aaf_locator_container_ns | onap |
aaf_locator_fqdn | nbi |
aaf_locator_public_fqdn | nbi.onap.org |
aaf_locator_app_ns | org.osaaf.aaf |
DEPLOY_FQI | aaf_admin@people.osaaf.org |
DEPLOY_PASSWORD | demo123456! |
cadi_longitude | 0 |
cadi_latitude | 0 |
So please:
- update the database so these values are always set
- and maybe give admin + seeCerts stuff to nbi@nbi.onap.org in order to be more secure