...
Method | Endpoint | Parameter | Returned values | ||||||
---|---|---|---|---|---|---|---|---|---|
Name | Is required? | Transfer method | Description | Name | Always returned? | Transfer method | Description | ||
GET | /v1/certificate/{caName} | CA name | Yes | Path parameter | Name of Certificate Authority which should sign sent CSR. Must match CertService's CMPv2 servers configuration. | Certificate chain | Yes | Body (JSON) | Base64 decoded |
Base64 encoded CSR (Certificate Signing Request) | Yes | Header | Certificate Signing Request for given component | Trusted certificates | Yes | Body (JSON) | Base64 decoded | ||
Base64 encoded private key | Yes | Header | Private key. Needed to create proof of possession (PoP) |
...
Group | Parameter name | ENV variable name | Required | Default | Syntax | Description | Origin |
---|---|---|---|---|---|---|---|
Url | REQUEST_URL | No | http(s)://cert-service:8080/v1/certificate/ | URL | URL to Cert Service. Default value will be aligned with ONAP K8s deployment (Cert Service's K8s service name and port). Needs to be changed for plain docker deployment. | Application helm chart | |
Timeout | REQUEST_TIMEOUT | No | 30000 | 0-120000 | Timeout for REST API calls. In miliseconds. A timeout value of zero is interpreted as an infinite timeout. | Application helm chart | |
Path | OUTPUT_PATH | Yes | Path where client will output generated keystore and truststore. Normally this path should be on a volume which is used to transfer keystore and truststore between CertService's client and end component | Application helm chart | |||
CA name | CA_NAME | Yes | Name of CA which will enroll certificate. Must be same as configured on server side. Used in REST API calls | OOM global value | |||
CSR details | Common Name | COMMON_NAME | Yes | Common name for which certificate from CMPv2 server should be issued | Application helm chart | ||
Organization | ORGANIZATION | Yes | Organization for which certificate from CMPv2 server should be issued | OOM global value | |||
Organization Unit | ORGANIZATION_UNIT | No | Not available in generated certificate | Organization unit for which certificate from CMPv2 server should be issued | OOM global value | ||
Location | LOCATION | No | Not available in generated certificate | Location for which certificate from CMPv2 server should be issued | OOM global value | ||
State | STATE | Yes | State for which certificate from CMPv2 server should be issued | OOM global value | |||
Country | COUNTRY | Yes | Country for which certificate from CMPv2 server should be issued | OOM global value | |||
SANs | SANS | No | Not available in generated certificate | SAN1[:SAN2] | Subject Alternative Names (SANs) for which certificate from CMPv2 server should be issued. Colon is used as delimiter | Application helm chart |
...