diff options
author | Bogumil Zebek <bogumil.zebek@nokia.com> | 2020-04-09 12:16:30 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-04-09 12:16:30 +0000 |
commit | 6ac2ba6380c0dc23623fe3f198613c5f0bd2941a (patch) | |
tree | 94472de02fd9311df5d6aa9ab275d84a556676d2 | |
parent | 85cc98bc2b75ba8e8d6a40ce9e83b9cbe137536b (diff) | |
parent | 56f09f3f64b6f8f214fafdbfb1e6ca44ace2962c (diff) |
Merge "Adding EJBCA configuration to Documentation"
-rw-r--r-- | docs/sections/configuration.rst | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/docs/sections/configuration.rst b/docs/sections/configuration.rst index d77a2da0..51c87aa7 100644 --- a/docs/sections/configuration.rst +++ b/docs/sections/configuration.rst @@ -46,6 +46,36 @@ Certification Service Client image: docker run --env-file $DOCKER_ENV_FILE --network $NETWORK_CERT_SERVICE --volume $DOCKER_VOLUME $AAFCERT_CLIENT_IMAGE +Configuring EJBCA server for testing +------------------------------------ + +To instantiate an EJBCA server for testing purposes with an OOM deployment, cmpv2Enabled and cmpv2Testing have to be changed to true in oom/kubernetes/aaf/values.yaml. + +cmpv2Enabled has to be true to enable aaf-cert-service to be instantiated and used with an external Certificate Authority to get certificates for secure communication. + +If cmpv2Testing is enabled then an EJBCA test server will be instantiated in the OOM deployment as well, and will come pre-configured with a test CA to request a certificate from. + +Currently the recommended mode is single-layer RA mode. + + +Default Values: + ++---------------------+---------------------------------------------------------------------------------------------------------------------------------+ +| Name | Value | ++=====================+=================================================================================================================================+ +| Request URL | http://aaf-ejbca:8080/ejbca/publicweb/cmp/cmpRA | ++---------------------+---------------------------------------------------------------------------------------------------------------------------------+ +| Response Type | PKI Response | ++---------------------+---------------------------------------------------------------------------------------------------------------------------------+ +| caMode | RA | ++---------------------+---------------------------------------------------------------------------------------------------------------------------------+ +| alias | cmpRA | ++---------------------+---------------------------------------------------------------------------------------------------------------------------------+ + + +If you wish to configure the EJBCA server, you can find Documentation for EJBCA here: https://doc.primekey.com/ejbca/ + +If you want to understand how CMP works on EJBCA in more detail, you can find Details here: https://download.primekey.com/docs/EJBCA-Enterprise/6_14_0/CMP.html Init Container for K8s ---------------------- |