diff options
| author |   Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2021-03-26 13:06:35 +0100 |
|---|---|---|
| committer | Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2021-04-22 14:08:36 +0000 |
| commit | 3267293a468d65a8bae755da77d2a48a9e25663a (patch) | |
| tree | 542bc3419c8637b32baa7cb2b2db694b9cae10cd /kubernetes/common/cmpv2Config | |
| parent | 1b162638763115959a0960a1195618f571d5499b (diff) | |
[PLATFORM] Generate Cert-Service certs with Cert-Manager
Utilize Cert-Manager to secure communication between
Cert-Service and its clients, adjust templates and
configs.
Issue-ID: OOM-2712
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I96426b1a184b4d254575e76d29214d9deda08cce
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Diffstat (limited to 'kubernetes/common/cmpv2Config')
| -rw-r--r-- | kubernetes/common/cmpv2Config/values.yaml | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml index b6ee064302..695e40616c 100644 --- a/kubernetes/common/cmpv2Config/values.yaml +++ b/kubernetes/common/cmpv2Config/values.yaml @@ -12,22 +12,40 @@ # See the License for the specific language governing permissions and # limitations under the License. global: + + # Enabling CMPv2 + cmpv2Enabled: true + CMPv2CertManagerIntegration: false + + certificate: + default: + subject: + organization: "Linux-Foundation" + country: "US" + locality: "San-Francisco" + province: "California" + organizationalUnit: "ONAP" + platform: + certificates: + clientSecretName: oom-cert-service-client-tls-secret + keystoreKeyRef: keystore.jks + truststoreKeyRef: truststore.jks + keystorePasswordSecretName: oom-cert-service-keystore-password + keystorePasswordSecretKey: password + truststorePasswordSecretName: oom-cert-service-truststore-password + truststorePasswordSecretKey: password certServiceClient: image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 - secretName: oom-cert-service-client-tls-secret + certificatesSecretMountPath: /etc/onap/oom/certservice/certs/ envVariables: + certPath: "/var/custom-certs" # Certificate related - cmpv2Organization: "Linux-Foundation" - cmpv2OrganizationalUnit: "ONAP" - cmpv2Location: "San-Francisco" - cmpv2State: "California" - cmpv2Country: "US" + caName: "RA" # Client configuration related requestURL: "https://oom-cert-service:8443/v1/certificate/" requestTimeout: "30000" - keystorePassword: "secret" - truststorePassword: "secret" + outputType: "P12" certPostProcessor: image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3 |