summaryrefslogtreecommitdiffstats
path: root/docs/oom_hardcoded_certificates.rst
blob: 922cd5f01d314bddbd80259bab93598eedd6334b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2018 Amdocs, Bell Canada

.. Links
.. _hardcoded-certiticates-label:

ONAP Hardcoded certificates
###########################

ONAP current installation have hardcoded certificates.
Here's the list of these certificates:

 +------------------------------------------------------------------------------------------------------------------------------------------------------------+
 | Project          | ONAP Certificate | Own Certificate  | MSB Certificate | Path                                                                            |
 +==================+==================+==================+===================================================================================================+
 | AAF              | No               | Yes              | No              | aaf/charts/aaf-cert-service/resources/                                          |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | AAF              | Yes              | No               | No              | aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem                 |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | AAI              | Yes              | No               | No              | aai/oom/resources/config/haproxy/aai.pem                                        |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | AAI              | Yes              | No               | No              | aai/oom/resources/config/aai/aai_keystore                                       |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | AAI/SEARCH-DATA  | Yes              | No               | No              | aai/oom/components/aai-search-data/resources/config/auth/tomcat_keystore        |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | AAI/SPARKY-BE    | Yes              | No               | No              | aai/oom/components/aai-spary-be/resources/config/auth/org.onap.aai.p12          |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | AAI/BABEL        | No               | Yes              | No              | aai/oom/components/aai-babel/resources/config/auth/tomcat_keystore              |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | AAI/MODEL-LOADER | Yes              | Yes              | No              | aai/oom/components/aai-model-loaderresources/config/auth/tomcat_keystore        |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | APPC             | Yes              | No               | No              | kubernetes/appc/resources/config/certs/org.onap.appc.keyfile                    |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | APPC             | Yes              | No               | No              | kubernetes/appc/resources/config/certs/org.onap.appc.p12                        |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | certInitializer  | Yes              | No               | No              | kubernetes/common/certInitializer/resources                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | MSB              | Yes              | No?              | Yes             | kubernetes/msb/resources/config/certificates                                    |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | MUSIC            | Yes              | No?              | No?             | kubernetes/common/music/charts/music/resources/keys/                            |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SDC              | Yes              | No?              | No?             | kubernetes/sdc/resources/cert                                                   |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO               | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/BPMN          | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/Catalog       | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/Monitoring    | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/OpenStack     | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/RequestDb     | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/SDC           | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/SDNC          | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/VE/VNFM       | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/VFC           | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/VNFM          | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | SO/VNFM          | No               | Yes?             | Yes             | kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks           |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | VID              | No               | Yes              | No              | kubernetes/vid/resources/cert                                                   |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | OOF/OOF-CMSO     | Yes              | No               | No              | kubernetes/oof/charts/oof-cmso/resources/certs                                  |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | OOF/OOF-HAS      | Yes              | No               | No              | kubernetes/oof/charts/oof-has/resources/config                                  |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | OOF/OOF-OSDF     | Yes              | No               | No              | kubernetes/oof/resources/config                                                 |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | CLI              | No               | Yes              | No              | kubernetes/cli/resources/certificates                                           |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | CDS PY Executor  | No               | Yes              | No              | kubernetes/cds/charts/cds-py-executor/resources/certs                           |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | CDS BP Executor  | Yes              | No              | No               | kubernetes/cds/charts/cds-blueprints-processor/resources/config/ONAP_RootCA.cer |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
 | CCSDK dgbuilder  | No               | Yes             | No               | kubernetes/common/dgbuilder/resources/certs                                     |
 +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+