-
Bug
-
Resolution: Not a Bug
-
Medium
-
Guilin Release, Honolulu Release
-
None
-
None
During E2E CMPv2-SNDC testing found out that certificate enrolled from CMPv2 server is not taken into account by client in NetConf over TLS communication.
During detailed inspection identified following issues:
- SDNC helm chart defines outputType variable but doesn't use it
- Default value for outputType in SDNC helm chart should be JKS, not P12 (installCerts.py consumes only files with .jks extension, and only with predefined names)
- installCerts.py is invoked only if ODL_CERT_DIR environment variable is present - but such is absent when CMPv2 is enabled - need to add it conditionally to SDNC container and set it to value where certificate files from CMPv2 server are stored (/var/custom-certs)
- installCerts.py has a bug which prevents loading certificate files - byte literal value is not converted to string after reading output from openssl command