diff options
author | ecaiyanlinux <martin.c.yan@est.tech> | 2019-08-21 08:38:04 +0000 |
---|---|---|
committer | ecaiyanlinux <martin.c.yan@est.tech> | 2019-08-21 08:38:04 +0000 |
commit | 7b9db0f82389efcf01db0cd8b1e427b1cce7d7f3 (patch) | |
tree | f53e038d6f5767fc26f82932f5c0144dc8adde50 | |
parent | e0a428511253eaded34a8d34aeac8d3631065538 (diff) |
Update dfc certificates instruction
Change-Id: Icfbaf51d79bf1471a822b4d506d055baec185070
Issue-ID: DCAEGEN2-1662
Signed-off-by: ecaiyanlinux <martin.c.yan@est.tech>
-rw-r--r-- | docs/sections/services/dfc/certificates.rst | 21 | ||||
-rw-r--r-- | docs/sections/services/dfc/installation.rst | 4 |
2 files changed, 18 insertions, 7 deletions
diff --git a/docs/sections/services/dfc/certificates.rst b/docs/sections/services/dfc/certificates.rst index 05728235..b759e70c 100644 --- a/docs/sections/services/dfc/certificates.rst +++ b/docs/sections/services/dfc/certificates.rst @@ -1,8 +1,15 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 +Certificates (From AAF) +======================= +DCAE service components will use common certifcates generated from AAF/test instance and made available during deployment of DCAE TLS init container. -Certificates -============ +DCAE has a generalized process of certificate distribution as documented here - https://docs.onap.org/en/latest/submodules/dcaegen2.git/docs/sections/tls_enablement.html + +The updated certificates are located in https://git.onap.org/dcaegen2/deployments/tree/tls-init-container/tls + +Certificates (Manual configuration of self-signed certifcates) +============================================================== Configuration of Certificates in test environment(For FTP over TLS): @@ -77,31 +84,31 @@ We have two keystore files, one for TrustManager, one for KeyManager. Copy the existing jks from the DFC container to a local environment. .. code:: bash - + docker cp <DFC container>:/opt/app/datafile/config/ftp.jks . docker cp <DFC container>:/opt/app/datafile/config/dfc.jks . .. code:: bash - + openssl base64 -in ftp.jks -out ftp.jks.b64 openssl base64 -in dfc.jks -out dfc.jks.b64 .. code:: bash - + chmod 755 ftp.jks.b64 chmod 755 dfc.jks.b64 Copy the new jks.64 files from local environment to the DFC container. .. code:: bash - + docker cp ftp.jks.b64 <DFC container>:/opt/app/datafile/config/ docker cp dfc.jks.b64 <DFC container>:/opt/app/datafile/config/ Finally .. code:: bash - + docker restart <DFC container> 5. Configure vsftpd: diff --git a/docs/sections/services/dfc/installation.rst b/docs/sections/services/dfc/installation.rst index bfc84e48..e50d0351 100644 --- a/docs/sections/services/dfc/installation.rst +++ b/docs/sections/services/dfc/installation.rst @@ -77,3 +77,7 @@ Another option is to pull the image first, and then run the image's container wi The grep command will display the images corresponding to DFC. There can be several due to remotely or locally built
image, and also to different tags, i.e. different versions.
+
+Certifcates
+^^^^^^^^^^^
+.. _page: ./certifcates.rst
|