[AAF] Add CMPv2 Cert Service

This new micro service allow retrieval of certificates using CMPv2
protocol and relay the requests to CA server (such as EJBCA provided in
contrib folder).

Issue-ID: AAF-1083
Change-Id: Ib3acba3d071533ad933d043f067147e8406d8fa8
Signed-off-by: EmmettCox <emmett.cox@est.tech>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>

1 files changed, 21 insertions, 0 deletions

diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 973613b464..dcbfd6d0cf 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -101,6 +101,27 @@ global:
 
   # Enabling CMPv2
   cmpv2Enabled: true
+  aaf:
+    certServiceClient:
+      image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.0.0
+      secret:
+        name: aaf-cert-service-client-tls-secret
+        mountPath: /etc/onap/aaf/certservice/certs/
+      envVariables:
+        # Certificate related
+        cmpv2Organization: "Linux-Foundation"
+        cmpv2OrganizationalUnit: "ONAP"
+        cmpv2Location: "San-Francisco"
+        cmpv2State: "California"
+        cmpv2Country: "US"
+        # Client configuration related
+        caName: "RA"
+        requestURL: "https://aaf-cert-service:8443/v1/certificate/"
+        requestTimeout: "20000"
+        keystorePath: "/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks"
+        keystorePassword: "secret"
+        truststorePath: "/etc/onap/aaf/certservice/certs/truststore.jks"
+        truststorePassword: "secret"
 
   # TLS
   # Set to false if you want to disable TLS for NodePorts. Be aware that this