-
Story
-
Resolution: Done
-
Medium
-
None
-
None
-
None
-
R3 Sprint 6
As a VID user, I'd like to make sure VID FE and BE can both work in HTTPS.
Acceptance criteria
- VID FE and BE works in http: HTTP://
Unknown macro: {Unknown macro}
}
- VID FE and BE works in https: HTTPS://
Unknown macro: {Unknown macro}
}
- UI should be accessible via HTTPS.
- All calls to internal VID API are being done using HTTPS.
- HTTP is redirected to HTTPS by default.
- Only strong TLS cipher suites should be used
- HTTPS enforcing should be configurable (enable/disable via flag or system property by developer).
- The certificate used for HTTPS should be signed by ONAP CA.
- Tested with API tests
- Technical documentation updated
Non-functional apects:
- Performance with HTTPS will be lower, comparing to HTTP
- Performance of HTTP calls should not be affected
For example, login page should work with both:
1.
|
Investigate creation of TLS certificates in ONAP | Closed | darop | |
2.
|
Enable HTTPS in internal backend Java services | Closed | darop | |
3.
|
(Pre) Performance measurements | Closed | golabek | |
4.
|
(Post) Performance Tests and Validation | Closed | Unassigned |