...
Security considerations
CertService's REST API will be is protected by mutual HTTPS, meaning server will request requests client's certificate and authenticate only requests with trusted certificate. After ONAP default installation only certificate from CertService's client will be is trusted. Authorization won isn't be supported in Frankfurt release.
Components description
CertService
REST API
Method | Endpoint | Parameter | Returned values | ||||||
---|---|---|---|---|---|---|---|---|---|
Name | Is required? | Transfer method | Description | Name | Always returned? | Transfer method | Description | ||
GET | /certificate/{caName} | CA name | Yes | Path parameter | Name of Certificate Authority which should sign sent CSR. Must match CertService's CMPv2 servers configuration. | Certificate chain | Yes | Body (JSON) | Base64 decoded |
Base64 encoded CSR (Certificate Signing Request) | Yes | Header | Certificate Signing Request for given component | Trusted certificates | Yes | Body (JSON) | Base64 decoded | ||
Base64 encoded private key | Yes | Header | Private key. Needed to create proof of possession (PoP) |
OpenAPI
Swagger will be added here
...