diff options
| author |   Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2021-03-26 13:06:35 +0100 |
|---|---|---|
| committer | Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2021-04-22 14:08:36 +0000 |
| commit | 3267293a468d65a8bae755da77d2a48a9e25663a (patch) | |
| tree | 542bc3419c8637b32baa7cb2b2db694b9cae10cd /kubernetes/onap | |
| parent | 1b162638763115959a0960a1195618f571d5499b (diff) | |
[PLATFORM] Generate Cert-Service certs with Cert-Manager
Utilize Cert-Manager to secure communication between
Cert-Service and its clients, adjust templates and
configs.
Issue-ID: OOM-2712
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I96426b1a184b4d254575e76d29214d9deda08cce
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Diffstat (limited to 'kubernetes/onap')
| -rwxr-xr-x | kubernetes/onap/values.yaml | 23 |
1 files changed, 10 insertions, 13 deletions
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index b008acf6f3..ca9ccd48f4 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -196,28 +196,25 @@ global: cmpv2Enabled: true CMPv2CertManagerIntegration: false platform: + certificates: + clientSecretName: oom-cert-service-client-tls-secret + keystoreKeyRef: keystore.jks + truststoreKeyRef: truststore.jks + keystorePasswordSecretName: oom-cert-service-certificates-password + keystorePasswordSecretKey: password + truststorePasswordSecretName: oom-cert-service-certificates-password + truststorePasswordSecretKey: password certServiceClient: image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 - secret: - name: oom-cert-service-client-tls-secret - mountPath: /etc/onap/oom/certservice/certs/ + certificatesSecretMountPath: /etc/onap/oom/certservice/certs/ envVariables: certPath: "/var/custom-certs" # Certificate related - cmpv2Organization: "Linux-Foundation" - cmpv2OrganizationalUnit: "ONAP" - cmpv2Location: "San-Francisco" - cmpv2State: "California" - cmpv2Country: "US" - # Client configuration related caName: "RA" + # Client configuration related requestURL: "https://oom-cert-service:8443/v1/certificate/" requestTimeout: "30000" - keystorePath: "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks" outputType: "P12" - keystorePassword: "secret" - truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks" - truststorePassword: "secret" # Indicates offline deployment build # Set to true if you are rendering helm charts for offline deployment |