[OOM-CERT-SERVICE] Modify EJBCA configuration

- Do not create default ManagementCA with generated UID
- Create ManagementCA with hardcoded UID to allow performing KUR

Issue-ID: OOM-2753
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
Change-Id: Ief51c27200300118ffa0206ba2657504ce4bc69c

2 files changed, 12 insertions, 2 deletions

diff --git a/compose-resources/cmpServers.json b/compose-resources/cmpServers.json
index 72564949..8972fd4d 100644
--- a/compose-resources/cmpServers.json
+++ b/compose-resources/cmpServers.json
@@ -3,7 +3,7 @@
     {
       "caName": "Client",
       "url": "http://oomcert-ejbca:8080/ejbca/publicweb/cmp/cmp",
-      "issuerDN": "CN=ManagementCA",
+      "issuerDN": "O=EJBCA Container Quickstart,CN=ManagementCA,UID=12345",
       "caMode": "CLIENT",
       "authentication": {
         "iak": "mypassword",
@@ -13,7 +13,7 @@
     {
       "caName": "RA",
       "url": "http://oomcert-ejbca:8080/ejbca/publicweb/cmp/cmpRA",
-      "issuerDN": "CN=ManagementCA",
+      "issuerDN": "O=EJBCA Container Quickstart,CN=ManagementCA,UID=12345",
       "caMode": "RA",
       "authentication": {
         "iak": "mypassword",
diff --git a/compose-resources/ejbca-configuration.sh b/compose-resources/ejbca-configuration.sh
index 8e6bd038..42e3f6bd 100755
--- a/compose-resources/ejbca-configuration.sh
+++ b/compose-resources/ejbca-configuration.sh
@@ -1,6 +1,16 @@
 #!/bin/bash
 
 configureEjbca() {
+    ejbca.sh ca init \
+      --caname ManagementCA \
+      --dn "O=EJBCA Container Quickstart,CN=ManagementCA,UID=12345" \
+      --tokenType soft \
+      --keyspec 3072 \
+      --keytype RSA \
+      -v 3652 \
+      --policy null \
+      -s SHA256WithRSA \
+      -type "x509"
     ejbca.sh config cmp addalias --alias cmpRA
     ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra
     ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value mypassword