...
CertService's client communicates with CertService via REST API over HTTPS, while CertService with CMPv2 server via CMP over HTTP.
...
Swagger will be added here 
Security considerations
CertService's REST API will be protected by mutual HTTPS, meaning server will request client's certificate and authenticate only requests with trusted certificate. After ONAP default installation only certificate from CertService's client will be trusted. Authorization won't be supported in Frankfurt release.
CMPv2 server properties
CertService contains configuration of CMPv2 servers. To enroll certificate at least one CMPv2 server has to be configured. CMPv2 server configuration is read during CertService startup and runtime changes require 
CertService restart.
...