Uploaded image for project: 'Virtual Infrastructure Deployment'
  1. Virtual Infrastructure Deployment
  2. VID-261

Use HTTPS for internal interfaces

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Medium Medium
    • Casablanca Release
    • None
    • None
    • None

      As a VID user, I'd like to make sure VID FE and BE can both work in HTTPS.

      Acceptance criteria

      • VID FE and BE works in http:  HTTP://
        Unknown macro: {Unknown macro}
        }
      • VID FE and BE works in https:  HTTPS://
        Unknown macro: {Unknown macro}
        }
      • UI should be accessible via HTTPS.
      • All calls to internal VID API are being done using HTTPS.
      • HTTP is redirected to HTTPS by default.
      • Only strong TLS cipher suites should be used
      • HTTPS enforcing should be configurable (enable/disable via flag or system property by developer).
      • The certificate used for HTTPS should be signed by ONAP CA.
      • Tested with API tests
      • Technical documentation updated

       

      Non-functional apects:

      • Performance with HTTPS will be lower, comparing to HTTP
      • Performance of HTTP calls should not be affected

       

      For example, login page should work with both:

      http://VID.api.simpledemo.onap.org:8080/vid/login.htm

      https://VID.api.simpledemo.onap.org:8080/vid/login.htm

        1.
        		 Investigate creation of TLS certificates in ONAP Sub-task Closed darop
        2.
        		 Enable HTTPS in internal backend Java services Sub-task Closed darop
        3.
        		 (Pre) Performance measurements Sub-task Closed golabek
        4.
        		 (Post) Performance Tests and Validation Sub-task Closed Unassigned

            golabek golabek
            os0695 os0695
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: