From 7b9db0f82389efcf01db0cd8b1e427b1cce7d7f3 Mon Sep 17 00:00:00 2001 From: ecaiyanlinux Date: Wed, 21 Aug 2019 08:38:04 +0000 Subject: Update dfc certificates instruction Change-Id: Icfbaf51d79bf1471a822b4d506d055baec185070 Issue-ID: DCAEGEN2-1662 Signed-off-by: ecaiyanlinux --- docs/sections/services/dfc/certificates.rst | 21 ++++++++++++++------- docs/sections/services/dfc/installation.rst | 4 ++++ 2 files changed, 18 insertions(+), 7 deletions(-) diff --git a/docs/sections/services/dfc/certificates.rst b/docs/sections/services/dfc/certificates.rst index 05728235..b759e70c 100644 --- a/docs/sections/services/dfc/certificates.rst +++ b/docs/sections/services/dfc/certificates.rst @@ -1,8 +1,15 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 +Certificates (From AAF) +======================= +DCAE service components will use common certifcates generated from AAF/test instance and made available during deployment of DCAE TLS init container. -Certificates -============ +DCAE has a generalized process of certificate distribution as documented here - https://docs.onap.org/en/latest/submodules/dcaegen2.git/docs/sections/tls_enablement.html + +The updated certificates are located in https://git.onap.org/dcaegen2/deployments/tree/tls-init-container/tls + +Certificates (Manual configuration of self-signed certifcates) +============================================================== Configuration of Certificates in test environment(For FTP over TLS): @@ -77,31 +84,31 @@ We have two keystore files, one for TrustManager, one for KeyManager. Copy the existing jks from the DFC container to a local environment. .. code:: bash - + docker cp :/opt/app/datafile/config/ftp.jks . docker cp :/opt/app/datafile/config/dfc.jks . .. code:: bash - + openssl base64 -in ftp.jks -out ftp.jks.b64 openssl base64 -in dfc.jks -out dfc.jks.b64 .. code:: bash - + chmod 755 ftp.jks.b64 chmod 755 dfc.jks.b64 Copy the new jks.64 files from local environment to the DFC container. .. code:: bash - + docker cp ftp.jks.b64 :/opt/app/datafile/config/ docker cp dfc.jks.b64 :/opt/app/datafile/config/ Finally .. code:: bash - + docker restart 5. Configure vsftpd: diff --git a/docs/sections/services/dfc/installation.rst b/docs/sections/services/dfc/installation.rst index bfc84e48..e50d0351 100644 --- a/docs/sections/services/dfc/installation.rst +++ b/docs/sections/services/dfc/installation.rst @@ -77,3 +77,7 @@ Another option is to pull the image first, and then run the image's container wi The grep command will display the images corresponding to DFC. There can be several due to remotely or locally built image, and also to different tags, i.e. different versions. + +Certifcates +^^^^^^^^^^^ +.. _page: ./certifcates.rst -- cgit 1.2.3-korg