diff options
| author |   Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-09-16 08:11:35 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2020-09-16 08:11:35 +0000 |
| commit | 12020df05c2aabf7fd86c8393a2aba549584de1b (patch) | |
| tree | 4cc56892d9e598fb33542d435ed4af22b02bf8aa /kubernetes/contrib/components/ejbca/resources/ejbca-config.sh | |
| parent | e9d90d8dfd2a28d5ff248172fb9b81df9de8f43d (diff) | |
| parent | ed6e62100249bf099ec8b90a8ad147532b40372b (diff) | |
Merge "[CONTRIB] Adjust EJBCA to issue certificates usable by servers."
Diffstat (limited to 'kubernetes/contrib/components/ejbca/resources/ejbca-config.sh')
| -rwxr-xr-x | kubernetes/contrib/components/ejbca/resources/ejbca-config.sh | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh index f1bd07e158..ad10240b94 100755 --- a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh +++ b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh @@ -12,6 +12,12 @@ configureEjbca() { ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value ${RA_IAK} ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value pbe + #Custom EJBCA cert profile and endentity are imported to allow issuing certificates with correct extended usage (containing serverAuth) + ejbca.sh ca importprofiles -d /opt/primekey/custom_profiles + #Profile name taken from certprofile filename (certprofile_<profile-name>-<id>.xml) + ejbca.sh config cmp updatealias --alias cmpRA --key ra.certificateprofile --value CUSTOM_ENDUSER + #ID taken from entityprofile filename (entityprofile_<profile-name>-<id>.xml) + ejbca.sh config cmp updatealias --alias cmpRA --key ra.endentityprofileid --value 1356531849 ejbca.sh config cmp dumpalias --alias cmpRA ejbca.sh config cmp addalias --alias cmp ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true |