summaryrefslogtreecommitdiffstats
path: root/docs/sections
diff options
context:
space:
mode:
Diffstat (limited to 'docs/sections')
-rw-r--r--docs/sections/build.rst12
-rw-r--r--docs/sections/configuration.rst14
-rw-r--r--docs/sections/introduction.rst2
-rw-r--r--docs/sections/logging.rst8
-rw-r--r--docs/sections/offeredapis.rst2
-rw-r--r--docs/sections/resources/OpenAPI.yaml2
-rw-r--r--docs/sections/usage.rst30
7 files changed, 36 insertions, 34 deletions
diff --git a/docs/sections/build.rst b/docs/sections/build.rst
index 44c38c46..17874de5 100644
--- a/docs/sections/build.rst
+++ b/docs/sections/build.rst
@@ -9,20 +9,20 @@ Jenkins
-------
#. JJB Master
- https://jenkins.onap.org/view/aaf/job/aaf-certservice-master-merge-java/
+ https://jenkins.onap.org/view/oom-platform-cert-service/job/oom-platform-cert-service-master-merge-java/
#. JJB Stage
- https://jenkins.onap.org/view/aaf/job/aaf-certservice-maven-docker-stage-master/
+ https://jenkins.onap.org/view/oom-platform-cert-service/job//oom-platform-cert-service-maven-docker-stage-master/
#. JJB Release
- https://jenkins.onap.org/view/aaf/job/aaf-certservice-maven-stage-master/
- https://jenkins.onap.org/view/aaf/job/aaf-certservice-release-merge/
+ https://jenkins.onap.org/view/oom-platform-cert-service/job//oom-platform-cert-service-maven-stage-master/
+ https://jenkins.onap.org/view/oom-platform-cert-service/job//oom-platform-cert-service-release-merge/
#. JJB CSIT
- https://jenkins.onap.org/view/CSIT/job/aaf-master-csit-certservice/
+ https://jenkins.onap.org/view/CSIT/job/oom-platform-cert-service-master-csit-certservice/
Environment
-----------
@@ -36,7 +36,7 @@ Environment
How to build images?
--------------------
-#. Checkout the project from https://gerrit.onap.org/r/#/admin/projects/aaf/certservice
+#. Checkout the project from https://gerrit.onap.org/r/#/admin/projects/oom/platform/cert-service
#. Read information stored in README.md file
#. Use a Makefile to build images::
diff --git a/docs/sections/configuration.rst b/docs/sections/configuration.rst
index b325712e..bf8791fb 100644
--- a/docs/sections/configuration.rst
+++ b/docs/sections/configuration.rst
@@ -18,7 +18,7 @@ Example cmpServers.json file:
"cmpv2Servers": [
{
"caName": "Client",
- "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmp",
+ "url": "http://oomcert-ejbca:8080/ejbca/publicweb/cmp/cmp",
"issuerDN": "CN=ManagementCA",
"caMode": "CLIENT",
"authentication": {
@@ -28,7 +28,7 @@ Example cmpServers.json file:
},
{
"caName": "RA",
- "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmpRA",
+ "url": "http://oomcert-ejbca:8080/ejbca/publicweb/cmp/cmpRA",
"issuerDN": "CN=ManagementCA",
"caMode": "RA",
"authentication": {
@@ -77,16 +77,16 @@ When application is running:
docker exec -it <certservice-container-name> bash
e.g.
- docker exec -it aafcert-service bash
+ docker exec -it oomcert-service bash
3. Edit *cmpServers.json* file::
- vim /etc/onap/aaf/certservice/cmpServers.json
+ vim /etc/onap/oom/certservice/cmpServers.json
4. Save the file. Note that this file is mounted as volume, so change will be persistent.
5. Reload configuration::
- curl -I https://localhost:8443/reload --cacert /etc/onap/aaf/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12 --pass $KEYSTORE_PASSWORD
+ curl -I https://localhost:8443/reload --cacert /etc/onap/oom/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/oom/certservice/certs/certServiceServer-keystore.p12 --pass $KEYSTORE_PASSWORD
6. Exit container::
@@ -99,7 +99,7 @@ Configuring in OOM deployment:
Before OOM installation:
""""""""""""""""""""""""
-Note! This must be executed before calling *make all* (from OOM Installation) or needs remaking AAF charts.
+Note! This must be executed before calling *make all* (from OOM Installation) or needs remaking OOM charts.
1. Edit *cmpServers.json* file. If OOM *global.addTestingComponents* flag is set to:
@@ -233,7 +233,7 @@ Configuring EJBCA server for testing
To instantiate an EJBCA server for testing purposes with an OOM deployment, cmpv2Enabled and cmpv2Testing have to be changed to true in oom/kubernetes/aaf/values.yaml.
-cmpv2Enabled has to be true to enable aaf-cert-service to be instantiated and used with an external Certificate Authority to get certificates for secure communication.
+cmpv2Enabled has to be true to enable oom-cert-service to be instantiated and used with an external Certificate Authority to get certificates for secure communication.
If cmpv2Testing is enabled then an EJBCA test server will be instantiated in the OOM deployment as well, and will come pre-configured with a test CA to request a certificate from.
diff --git a/docs/sections/introduction.rst b/docs/sections/introduction.rst
index 9d6c7816..023066b8 100644
--- a/docs/sections/introduction.rst
+++ b/docs/sections/introduction.rst
@@ -12,6 +12,8 @@ Overview
In Frankfurt release AAF was enhanced by Certificate Management Protocol ver. 2 (CMPv2) support. Such support is handled by new AAF's microservice called CertService. CertService provides certificates signed by external CMPv2 server - further on such certificates are called operators certificates. Operators certificates are meant to secure external ONAP traffic - traffic between network functions (xNFs) and ONAP.
+In Guilin release CertService was moved from AAF repository to OOM repository.
+
Context View
------------
diff --git a/docs/sections/logging.rst b/docs/sections/logging.rst
index dba8f3e6..92a87fb0 100644
--- a/docs/sections/logging.rst
+++ b/docs/sections/logging.rst
@@ -17,7 +17,7 @@ To see CertService console logs use:
docker logs <cert-service-container-name>
e.g.
- docker logs aafcert-service
+ docker logs oomcert-service
- Kubernetes:
@@ -39,7 +39,7 @@ CertService logs for different logging levels are available in the container:
docker exec -it <cert-service-container-name> bash
e.g.
- docker exec -it aafcert-service bash
+ docker exec -it oomcert-service bash
- Kubernetes:
@@ -52,7 +52,7 @@ CertService logs for different logging levels are available in the container:
Path to logs:
- /var/log/onap/aaf/certservice
+ /var/log/onap/oom/certservice
Available log files:
@@ -75,7 +75,7 @@ To see CertService client console logs use :
docker logs <cert-service-client-container-name>
e.g.
- docker logs aafcert-client
+ docker logs oomcert-client
- Kubernetes:
CertService client is used as init container in other components. In the following example:
diff --git a/docs/sections/offeredapis.rst b/docs/sections/offeredapis.rst
index b757b3bd..21a4bb60 100644
--- a/docs/sections/offeredapis.rst
+++ b/docs/sections/offeredapis.rst
@@ -6,7 +6,7 @@
Offered APIs
=============
-AAF Cert Service Api
+OOM Cert Service Api
--------------------
.. code-block:: yaml
diff --git a/docs/sections/resources/OpenAPI.yaml b/docs/sections/resources/OpenAPI.yaml
index 14f8b6bc..d20f833e 100644
--- a/docs/sections/resources/OpenAPI.yaml
+++ b/docs/sections/resources/OpenAPI.yaml
@@ -1,5 +1,5 @@
# ============LICENSE_START=======================================================
-# aaf-certservice
+# oom-certservice
# ================================================================================
# Copyright (C) 2020 Nokia. All rights reserved.
# ================================================================================
diff --git a/docs/sections/usage.rst b/docs/sections/usage.rst
index 759284bd..b8bf7f69 100644
--- a/docs/sections/usage.rst
+++ b/docs/sections/usage.rst
@@ -12,7 +12,7 @@ CertService client needs the following configuration parameters to work properly
1. Parameters for generating certification artifacts and connecting to CertService API to obtain certificate and trust anchors
- - REQUEST_URL *(default: https://aaf-cert-service:8443/v1/certificate/)* - URL to CertService API
+ - REQUEST_URL *(default: https://oom-cert-service:8443/v1/certificate/)* - URL to CertService API
- REQUEST_TIMEOUT *(default: 30000[ms])* - Timeout in milliseconds for REST API calls
- OUTPUT_PATH *(required)* - Path where client will output generated certificate and trust anchor
- CA_NAME *(required)* - Name of CA which will enroll certificate. Must be same as configured on server side. Used in REST API calls
@@ -44,12 +44,12 @@ CertService client image can be found on Nexus repository :
.. code-block:: bash
- nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:$VERSION
+ nexus3.onap.org:10001/onap/org.onap.oom.certservice.oom-certservice-client:$VERSION
As standalone docker container
------------------------------
-You need certificate and trust anchors to connect to CertService API via HTTPS. Information how to generate truststore and keystore files you can find in project repository README `Gerrit GitWeb <https://gerrit.onap.org/r/gitweb?p=aaf%2Fcertservice.git;a=summary>`__
+You need certificate and trust anchors to connect to CertService API via HTTPS. Information how to generate truststore and keystore files you can find in project repository README `Gerrit GitWeb <https://gerrit.onap.org/r/gitweb?p=oom%2Fplatform%2Fcert-service.git;a=summary>`__
To run CertService client as standalone docker container execute following steps:
@@ -74,9 +74,9 @@ To run CertService client as standalone docker container execute following steps
SANS=test.onap.org:onap.com
#TLS config envs
- KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks
+ KEYSTORE_PATH=/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks
KEYSTORE_PASSWORD=<password to certServiceClient-keystore.jks>
- TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-truststore.jks
+ TRUSTSTORE_PATH=/etc/onap/oom/certservice/certs/certServiceClient-truststore.jks
TRUSTSTORE_PASSWORD=<password to certServiceClient-truststore.jks>
2. Run docker container as in following example (API and client must be running in same network):
@@ -85,13 +85,13 @@ To run CertService client as standalone docker container execute following steps
docker run \
--rm \
- --name aafcert-client \
+ --name oomcert-client \
--env-file <$PWD/client.env (same as in step1)> \
--network <docker network of cert service> \
--mount type=bind,src=<path to local host directory where certificate and trust anchor will be created>,dst=<OUTPUT_PATH (same as in step 1)> \
--volume <local path to keystore in JKS format>:<KEYSTORE_PATH> \
--volume <local path to truststore in JKS format>:<TRUSTSTORE_PATH> \
- nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:$VERSION
+ nexus3.onap.org:10001/onap/org.onap.oom.certservice.oom-certservice-client:$VERSION
@@ -99,14 +99,14 @@ After successful creation of certifications, container exits with exit code 0, e
.. code-block:: bash
- INFO 1 [ main] o.o.a.c.c.c.f.ClientConfigurationFactory : Successful validation of Client configuration. Configuration data: REQUEST_URL: https://aaf-cert-service:8443/v1/certificate/, REQUEST_TIMEOUT: 10000, OUTPUT_PATH: /var/certs, CA_NAME: RA, OUTPUT_TYPE: P12
+ INFO 1 [ main] o.o.a.c.c.c.f.ClientConfigurationFactory : Successful validation of Client configuration. Configuration data: REQUEST_URL: https://oom-cert-service:8443/v1/certificate/, REQUEST_TIMEOUT: 10000, OUTPUT_PATH: /var/certs, CA_NAME: RA, OUTPUT_TYPE: P12
INFO 1 [ main] o.o.a.c.c.c.f.CsrConfigurationFactory : Successful validation of CSR configuration. Configuration data: COMMON_NAME: onap.org, COUNTRY: US, STATE: California, ORGANIZATION: Linux-Foundation, ORGANIZATION_UNIT: ONAP, LOCATION: San-Francisco, SANS: test.onap.org:onap.org
INFO 1 [ main] o.o.a.c.c.c.KeyPairFactory : KeyPair generation started with algorithm: RSA and key size: 2048
INFO 1 [ main] o.o.a.c.c.c.CsrFactory : Creation of CSR has been started with following parameters: COMMON_NAME: onap.org, COUNTRY: US, STATE: California, ORGANIZATION: Linux-Foundation, ORGANIZATION_UNIT: ONAP, LOCATION: San-Francisco, SANS: test.onap.org:onap.org
INFO 1 [ main] o.o.a.c.c.c.CsrFactory : Creation of CSR has been completed successfully
INFO 1 [ main] o.o.a.c.c.c.CsrFactory : Conversion of CSR to PEM has been started
INFO 1 [ main] o.o.a.c.c.c.PrivateKeyToPemEncoder : Attempt to encode private key to PEM
- INFO 1 [ main] o.o.a.c.c.h.HttpClient : Attempt to send request to API, on url: https://aaf-cert-service:8443/v1/certificate/RA
+ INFO 1 [ main] o.o.a.c.c.h.HttpClient : Attempt to send request to API, on url: https://oom-cert-service:8443/v1/certificate/RA
INFO 1 [ main] o.o.a.c.c.h.HttpClient : Received response from API
DEBUG 1 [ main] o.o.a.c.c.c.c.ConvertedArtifactsCreator : Attempt to create keystore files and saving data. File names: keystore.p12, keystore.pass
INFO 1 [ main] o.o.a.c.c.c.c.PemConverter : Conversion of PEM certificates to PKCS12 keystore
@@ -160,11 +160,11 @@ You can use the following deployment example as a reference:
...
initContainers:
- name: cert-service-client
- image: nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
+ image: nexus3.onap.org:10001/onap/org.onap.oom.certservice.oom-certservice-client:latest
imagePullPolicy: Always
env:
- name: REQUEST_URL
- value: https://aaf-cert-service:8443/v1/certificate/
+ value: https://oom-cert-service:8443/v1/certificate/
- name: REQUEST_TIMEOUT
value: "1000"
- name: OUTPUT_PATH
@@ -188,17 +188,17 @@ You can use the following deployment example as a reference:
- name: SANS
value: test.onap.org:onap.com
- name: KEYSTORE_PATH
- value: /etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks
+ value: /etc/onap/oom/certservice/certs/certServiceClient-keystore.jks
- name: KEYSTORE_PASSWORD
value: secret
- name: TRUSTSTORE_PATH
- value: /etc/onap/aaf/certservice/certs/truststore.jks
+ value: /etc/onap/oom/certservice/certs/truststore.jks
- name: TRUSTSTORE_PASSWORD
value: secret
volumeMounts:
- mountPath: /var/certs
name: certs
- - mountPath: /etc/onap/aaf/certservice/certs/
+ - mountPath: /etc/onap/oom/certservice/certs/
name: tls-volume
...
volumes:
@@ -206,6 +206,6 @@ You can use the following deployment example as a reference:
emptyDir: {}
- name tls-volume
secret:
- secretName: aaf-cert-service-client-tls-secret # Value of global.aaf.certService.client.secret.name
+ secretName: oom-cert-service-client-tls-secret # Value of global.oom.certService.client.secret.name
...