From aa6ac8c5b2cd25ca988bdcc7e0ee8716ff75d8cf Mon Sep 17 00:00:00 2001
From: Joanna Jeremicz <joanna.jeremicz@nokia.com>
Date: Wed, 30 Jun 2021 15:30:57 +0200
Subject: [OOM-CERT-SERVICE] Modify EJBCA configuration

- Do not create default ManagementCA with generated UID
- Create ManagementCA with hardcoded UID to allow performing KUR

Issue-ID: OOM-2753
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
Change-Id: Ief51c27200300118ffa0206ba2657504ce4bc69c
---
 compose-resources/ejbca-configuration.sh | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'compose-resources/ejbca-configuration.sh')

diff --git a/compose-resources/ejbca-configuration.sh b/compose-resources/ejbca-configuration.sh
index 8e6bd038..42e3f6bd 100755
--- a/compose-resources/ejbca-configuration.sh
+++ b/compose-resources/ejbca-configuration.sh
@@ -1,6 +1,16 @@
 #!/bin/bash
 
 configureEjbca() {
+    ejbca.sh ca init \
+      --caname ManagementCA \
+      --dn "O=EJBCA Container Quickstart,CN=ManagementCA,UID=12345" \
+      --tokenType soft \
+      --keyspec 3072 \
+      --keytype RSA \
+      -v 3652 \
+      --policy null \
+      -s SHA256WithRSA \
+      -type "x509"
     ejbca.sh config cmp addalias --alias cmpRA
     ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra
     ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value mypassword
-- 
cgit 1.2.3-korg