blob: 8943910eb05440ecb48321dc29afcf3226270672 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2018 Amdocs, Bell Canada
.. Links
.. _hardcoded-certiticates-label:
ONAP Hardcoded certificates
###########################
ONAP current installation have hardcoded certificates.
Here's the list of these certificates:
+------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Project | ONAP Certificate | Own Certificate | MSB Certificate | Path |
+==================+==================+==================+===================================================================================================+
| AAF | No | Yes | No | aaf/charts/aaf-cert-service/resources/ |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| AAF | Yes | No | No | aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| AAI | Yes | No | No | aai/oom/resources/config/haproxy/aai.pem |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| AAI | Yes | No | No | aai/oom/resources/config/aai/aai_keystore |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| AAI/SEARCH-DATA | Yes | No | No | aai/oom/components/aai-search-data/resources/config/auth/tomcat_keystore |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| AAI/SPARKY-BE | Yes | No | No | aai/oom/components/aai-spary-be/resources/config/auth/org.onap.aai.p12 |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| AAI/BABEL | No | Yes | No | aai/oom/components/aai-babel/resources/config/auth/tomcat_keystore |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| AAI/MODEL-LOADER | Yes | Yes | No | aai/oom/components/aai-model-loaderresources/config/auth/tomcat_keystore |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| APPC | Yes | No | No | kubernetes/appc/resources/config/certs/org.onap.appc.keyfile |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| APPC | Yes | No | No | kubernetes/appc/resources/config/certs/org.onap.appc.p12 |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| certInitializer | Yes | No | No | kubernetes/common/certInitializer/resources |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| MSB | Yes | No? | Yes | kubernetes/msb/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| MUSIC | Yes | No? | No? | kubernetes/common/music/charts/music/resources/keys/ |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SDC | Yes | No? | No? | kubernetes/sdc/resources/cert |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/BPMN | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/Catalog | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/Monitoring | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/OpenStack | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/RequestDb | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/SDC | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/SDNC | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/VE/VNFM | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/VFC | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/VNFM | Yes | No? | Yes | kubernetes/so/resources/config/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| SO/VNFM | No | Yes? | Yes | kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| VID | No | Yes | No | kubernetes/vid/resources/cert |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| OOF/OOF-CMSO | Yes | No | No | kubernetes/oof/charts/oof-cmso/resources/certs |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| OOF/OOF-HAS | Yes | No | No | kubernetes/oof/charts/oof-has/resources/config |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| OOF/OOF-OSDF | Yes | No | No | kubernetes/oof/resources/config |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| CLI | No | Yes | No | kubernetes/cli/resources/certificates |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| CDS PY Executor | No | Yes | No | kubernetes/cds/charts/cds-py-executor/resources/certs |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| CDS BP Executor | Yes | No | No | kubernetes/cds/charts/cds-blueprints-processor/resources/config/ONAP_RootCA.cer |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
|