From 2edb937330babe09aa7f7977ea7fcb1f6b3dc5ac Mon Sep 17 00:00:00 2001 From: EmmettCox Date: Thu, 27 Feb 2020 14:20:52 +0000 Subject: [AAF] Add CMPv2 Cert Service This new micro service allow retrieval of certificates using CMPv2 protocol and relay the requests to CA server (such as EJBCA provided in contrib folder). Issue-ID: AAF-1083 Change-Id: Ib3acba3d071533ad933d043f067147e8406d8fa8 Signed-off-by: EmmettCox Signed-off-by: Sylvain Desbureaux (cherry picked from commit bca68e048a74ac3754e76ed738090402f7cbfd13) --- .../resources/certServiceClient-keystore.jks | Bin 0 -> 4087 bytes .../resources/certServiceServer-keystore.jks | Bin 0 -> 4126 bytes .../resources/certServiceServer-keystore.p12 | Bin 0 -> 4691 bytes .../resources/default/cmpServers.json | 3 ++ .../aaf/charts/aaf-cert-service/resources/root.crt | 32 +++++++++++++++++++++ .../resources/test/cmpServers.json | 24 ++++++++++++++++ .../aaf-cert-service/resources/truststore.jks | Bin 0 -> 1722 bytes 7 files changed, 59 insertions(+) create mode 100644 kubernetes/aaf/charts/aaf-cert-service/resources/certServiceClient-keystore.jks create mode 100644 kubernetes/aaf/charts/aaf-cert-service/resources/certServiceServer-keystore.jks create mode 100644 kubernetes/aaf/charts/aaf-cert-service/resources/certServiceServer-keystore.p12 create mode 100644 kubernetes/aaf/charts/aaf-cert-service/resources/default/cmpServers.json create mode 100644 kubernetes/aaf/charts/aaf-cert-service/resources/root.crt create mode 100644 kubernetes/aaf/charts/aaf-cert-service/resources/test/cmpServers.json create mode 100644 kubernetes/aaf/charts/aaf-cert-service/resources/truststore.jks (limited to 'kubernetes/aaf/charts/aaf-cert-service/resources') diff --git a/kubernetes/aaf/charts/aaf-cert-service/resources/certServiceClient-keystore.jks b/kubernetes/aaf/charts/aaf-cert-service/resources/certServiceClient-keystore.jks new file mode 100644 index 0000000000..f24908c55d Binary files /dev/null and b/kubernetes/aaf/charts/aaf-cert-service/resources/certServiceClient-keystore.jks differ diff --git a/kubernetes/aaf/charts/aaf-cert-service/resources/certServiceServer-keystore.jks b/kubernetes/aaf/charts/aaf-cert-service/resources/certServiceServer-keystore.jks new file mode 100644 index 0000000000..89605b6b7a Binary files /dev/null and b/kubernetes/aaf/charts/aaf-cert-service/resources/certServiceServer-keystore.jks differ diff --git a/kubernetes/aaf/charts/aaf-cert-service/resources/certServiceServer-keystore.p12 b/kubernetes/aaf/charts/aaf-cert-service/resources/certServiceServer-keystore.p12 new file mode 100644 index 0000000000..2106c817ef Binary files /dev/null and b/kubernetes/aaf/charts/aaf-cert-service/resources/certServiceServer-keystore.p12 differ diff --git a/kubernetes/aaf/charts/aaf-cert-service/resources/default/cmpServers.json b/kubernetes/aaf/charts/aaf-cert-service/resources/default/cmpServers.json new file mode 100644 index 0000000000..358f2a82c7 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-cert-service/resources/default/cmpServers.json @@ -0,0 +1,3 @@ +{ + "cmpv2Servers": [] +} \ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cert-service/resources/root.crt b/kubernetes/aaf/charts/aaf-cert-service/resources/root.crt new file mode 100644 index 0000000000..faeee81357 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-cert-service/resources/root.crt @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFlDCCA3ygAwIBAgIETsAy8jANBgkqhkiG9w0BAQwFADByMQswCQYDVQQGEwJQ +TDEUMBIGA1UECBMLRG9sbnkgU2xhc2sxEDAOBgNVBAcTB1dyb2NsYXcxFTATBgNV +BAoTDFJvb3QgQ29tcGFueTERMA8GA1UECxMIUm9vdCBPcmcxETAPBgNVBAMTCHJv +b3QuY29tMB4XDTIwMDQwMzA5MTYxNloXDTMwMDQwMTA5MTYxNlowcjELMAkGA1UE +BhMCUEwxFDASBgNVBAgTC0RvbG55IFNsYXNrMRAwDgYDVQQHEwdXcm9jbGF3MRUw +EwYDVQQKEwxSb290IENvbXBhbnkxETAPBgNVBAsTCFJvb3QgT3JnMREwDwYDVQQD +Ewhyb290LmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAImm68wu +rtdkVrC5JI2y53+DoVE4al7NxC2yHeVW0PRD3CgW1xba6dlSQoDQQKkDkxtuNhlU +IQxU1bbKR6syqJgpJXwSDx4sl4J5lQGWN+iuNA72C1IyXATOgowGq6PbOVVTkApy +3+ZZGBCmweTjhvddAO7k5p8v+ePt17VvBTxSt6rSvrkGMbpCxBGAPfGpL9xykm9Z +okVSlA42gGhbra499QTT0Yc/WPPFotKkDKFGaDrLW3NYX1Lio11myYNvLOMwfSEV +Xy9vkwxcdqFJpHjx+EVLLQXwkudZP+D53N4bk8nP3SacbZSQ/A85mZpWNtw+r9QL +fZGecY1YIR0udLj66CIG3ybl3gSXX7TSRERTIMR6Um1lt+039FSa18mRBpQTCDXV +tSL58Qs5BHFkCe0sGpY+XiSEypc6oYPf/7YjiTvMT/mHhDffrvFjhK+wP/oCIg8u +vuPRoPWuyw41bBeFGitJgDn7E8p9B4K/1DCO/ZcjXiYMgn5Hwb3ojablYUeiXs99 +2AAV8gCceUCdgcP8d6wdAydOVljavkgHPG0IMbiVG1WT57oM3HQpejgpujlKDDsI +bi9/lbcC/U0JoN9yAaJZFr7CXJrxRv8DWeTwzMTo203KHNu9roQiERd38P8Dp6AQ +ivmqf0+0VZM3IpjWBYKM68tclHJcG+7wyFjvAgMBAAGjMjAwMB0GA1UdDgQWBBSN +lFyR56zh67mnvYTmmgJQVxEJrjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB +DAUAA4ICAQBczmFY0kmr1FK50glkT282ur0vukNtwXQNJONof3rYRqP2W98jID6D +ayma0B4/H1EqCa0d66wRBxFdwW+MqOc4uWD3uUwgazrYD/Bv+V3aumaw8yX6vbyL +hLNfpd4pViAEGtzYxYfMfFR6uzInF3NMpvt8OXCSGKiQjDMnMs0ekvUZLJm7yxwT +Qr9aAEFYQYM/GstUC6qFfuUa4MaGvmyKWhZ10JoKXYbGGeFU4wI7Kzifh3VvawTg +r314ZvQ3zpEwzNJpdvT5ZKuPvyN+drAKFpSPfOTFmmb3uF95FgYq33OFPpo7SR43 +tnw5u5YqKnsHmqCIRMctWiYZc8rBJ3+eBGmke6z/AN6FraG6Ejc8e4WPclrB8STb ++oB3a4Cvri1VHyodkm50Sb/d1FAMDXvzEPBfu2D0dVvOwOcISSN/MQUom8NN4YeI +aEATdAPNkokgehOzZ1OPRv47FKYEVPCXjaZEWAC7NNmNiRn4RQOti0DlNrLL7Nx9 +vK09G0EnW01MO2ARRkZ3dog+Ph7orJQV3sd7TO4EEortqWtbegSH75ylyYw6rt/j +uBzYtMOnEtnQKhxj4Wj7PO+StCgspoOByn0d+iSgDd2TlpWm4naP2pfFZT0R+TOH +wzSH0F47TSfRd0++uEz/QhViybrvQK7yMt1G1YwZp2im+imuWwUC8Q== +-----END CERTIFICATE----- diff --git a/kubernetes/aaf/charts/aaf-cert-service/resources/test/cmpServers.json b/kubernetes/aaf/charts/aaf-cert-service/resources/test/cmpServers.json new file mode 100644 index 0000000000..06e1087f60 --- /dev/null +++ b/kubernetes/aaf/charts/aaf-cert-service/resources/test/cmpServers.json @@ -0,0 +1,24 @@ +{ + "cmpv2Servers": [ + { + "caName": "CLIENT", + "url": "http://ejbca:8080/ejbca/publicweb/cmp/cmp", + "issuerDN": "CN=ManagementCA", + "caMode": "CLIENT", + "authentication": { + "iak": "${CLIENT_IAK}", + "rv": "${CLIENT_RV}" + } + }, + { + "caName": "RA", + "url": "http://ejbca:8080/ejbca/publicweb/cmp/cmpRA", + "issuerDN": "CN=ManagementCA", + "caMode": "RA", + "authentication": { + "iak": "${RA_IAK}", + "rv": "${RA_RV}" + } + } + ] +} \ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-cert-service/resources/truststore.jks b/kubernetes/aaf/charts/aaf-cert-service/resources/truststore.jks new file mode 100644 index 0000000000..c32d37fd9d Binary files /dev/null and b/kubernetes/aaf/charts/aaf-cert-service/resources/truststore.jks differ -- cgit 1.2.3-korg