-
Sub-task
-
Resolution: Done
-
Medium
-
None
-
None
-
None
-
None
We should adjust PNF to use HTTPS VES endpoint and client certificate authentication.
CoS:
- PNF simulator adjusted to use HTTPS VES endpoint and client certificate authentication (certificate should be signed by default AAF root/intermediate CAs)
- Certificate from AAF should be acquired dynamically from AAF and should not be hardcoded in PNF simulator's repo
- The best way to acquire certificate and trust anchors from AAF is to call AAF agent container, store certificate and trust anchors in directory which will be mounted to PNF simulator container
- Need to use DCAE AAF artifact to acquire certificate
- The best way to acquire certificate and trust anchors from AAF is to call AAF agent container, store certificate and trust anchors in directory which will be mounted to PNF simulator container
- Automatic way (docker compose that starts PNF simulator) adjusted to call AAF agent container
- Cause simulator works as mirror (means it gets URL to connect to in its own API call) PNF simulator has to work in dual mode:
- It should work when it gets HTTP URL
- It should work when it gets HTTPS URL
R&D notes:
- Jonathan's documentation how to use AAF agent as init container
- DCAE uses its own wrapper over AAF agent to request and convert certificate - see dcaegen2/deployments/tls-init-container
How to demo:
- send event to PNF simulator to trigger sending event to VES collector
- proof using VES collector logs and TCP dump that certificate from AAF agent and client certificate authentication were used