aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBogumil Zebek <bogumil.zebek@nokia.com>2020-04-09 12:16:30 +0000
committerGerrit Code Review <gerrit@onap.org>2020-04-09 12:16:30 +0000
commit6ac2ba6380c0dc23623fe3f198613c5f0bd2941a (patch)
tree94472de02fd9311df5d6aa9ab275d84a556676d2
parent85cc98bc2b75ba8e8d6a40ce9e83b9cbe137536b (diff)
parent56f09f3f64b6f8f214fafdbfb1e6ca44ace2962c (diff)
Merge "Adding EJBCA configuration to Documentation"
-rw-r--r--docs/sections/configuration.rst30
1 files changed, 30 insertions, 0 deletions
diff --git a/docs/sections/configuration.rst b/docs/sections/configuration.rst
index d77a2da0..51c87aa7 100644
--- a/docs/sections/configuration.rst
+++ b/docs/sections/configuration.rst
@@ -46,6 +46,36 @@ Certification Service Client image:
docker run --env-file $DOCKER_ENV_FILE --network $NETWORK_CERT_SERVICE --volume $DOCKER_VOLUME $AAFCERT_CLIENT_IMAGE
+Configuring EJBCA server for testing
+------------------------------------
+
+To instantiate an EJBCA server for testing purposes with an OOM deployment, cmpv2Enabled and cmpv2Testing have to be changed to true in oom/kubernetes/aaf/values.yaml.
+
+cmpv2Enabled has to be true to enable aaf-cert-service to be instantiated and used with an external Certificate Authority to get certificates for secure communication.
+
+If cmpv2Testing is enabled then an EJBCA test server will be instantiated in the OOM deployment as well, and will come pre-configured with a test CA to request a certificate from.
+
+Currently the recommended mode is single-layer RA mode.
+
+
+Default Values:
+
++---------------------+---------------------------------------------------------------------------------------------------------------------------------+
+| Name | Value |
++=====================+=================================================================================================================================+
+| Request URL | http://aaf-ejbca:8080/ejbca/publicweb/cmp/cmpRA |
++---------------------+---------------------------------------------------------------------------------------------------------------------------------+
+| Response Type | PKI Response |
++---------------------+---------------------------------------------------------------------------------------------------------------------------------+
+| caMode | RA |
++---------------------+---------------------------------------------------------------------------------------------------------------------------------+
+| alias | cmpRA |
++---------------------+---------------------------------------------------------------------------------------------------------------------------------+
+
+
+If you wish to configure the EJBCA server, you can find Documentation for EJBCA here: https://doc.primekey.com/ejbca/
+
+If you want to understand how CMP works on EJBCA in more detail, you can find Details here: https://download.primekey.com/docs/EJBCA-Enterprise/6_14_0/CMP.html
Init Container for K8s
----------------------