Versions Compared

Old Version 72

changes.mady.by.user Pawel Baniewski

Saved on

compared with

New Version 73

changes.mady.by.user Pawel Baniewski

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Input valueInput typeDescriptionUsage
CsrModelObjectPOJO which transfers sent CSR, plain fields extracted from CSR (like Common Name, Country, etc)
CsrModel:: csrorg.bouncycastle.pkcs.PKCS10CertificationRequest (question)Certificate Signing Request received via REST API
CsrModel:: subjectDNorg.bouncycastle.asn1.x500.X500NameSubjectDN retrieved from sent CSR
CsrModel:: privateKeyjava.security.PrivateKeyPrivate key received via REST API
CsrModel:: publicKeyjava.security.PublicKeyPublic key retrieved from sent CSR
CsrModel:: sansList of StringsSubject Alterative Names retrieved from sent CSR
CsrModel:: (question)(question)(question)(warning) Others (plain data extracted from sent CSR)  if needed (warning)(question)(question)(question)
CMPv2ServerDetailsObjectPOJO which transfers CMPv2 server properties
CMPv2ServerDetails:: CA nameStringCA name as configured in CMPv2 server properties
CMPv2ServerDetails:: URLURL or StringURL to CMPv2 server as configured in CMPv2 server details
CMPv2ServerDetails:: IssuerDNorg.bouncycastle.asn1.x500.X500NameIssuer DN as configured in CMPv2 server details
CMPv2ServerDetails:: CA modeENUMCA mode as configured in CMPv2 server details
CMPv2ServerDetails:: IAKStringIAK as configured in CMPv2 server details
CMPv2ServerDetails:: RVStringRV as configured in CMPv2 server details
CA nameStringCA name received via REST API

...

Return values from CMPv2 client

(warning)

CMPv2 client POC

TBD (warning)

Currently the POC for CMPv2 client is working based on the inputs below.

...

CertService's client input properties

GroupParameter nameENV variable nameRequiredDefaultSyntaxValidation rulesDescriptionOrigin

UrlREQUEST_URLNohttp(s)://cert-service:8080/v1/certificate/URLSyntax column

URL to Cert Service. Default value will be aligned with ONAP K8s deployment (Cert Service's K8s service name and port). Needs to be changed for plain docker deployment.

Application helm chart

TimeoutREQUEST_TIMEOUTNo30000

Int (0-120000)

Syntax columnTimeout for REST API calls. In miliseconds. A timeout value of zero is interpreted as an infinite timeout.Application helm chart

PathOUTPUT_PATHYes
String (1-256)

Syntax column

Path is valid *inx path

Path where client will output generated keystore and truststore. Normally this path should be on a volume which is used to transfer keystore and truststore between CertService's client and end componentApplication helm chart

CA nameCA_NAMEYes
String (1-128)

Syntax column

Must contain only alphanumeric characters

Name of CA which will enroll certificate. Must be same as configured on server side. Used in REST API callsOOM global value





CSR details

Common NameCOMMON_NAMEYes
Common name for

String (1-256)

Syntax column

CN can't contain (special characters (?, $, % and so on), IP addresses, Port numbers, or "http:// or https://")

Common name for which certificate from CMPv2 server should be issuedApplication
helm chart
helm chart
OrganizationORGANIZATIONYes
String (1-256)

Syntax column

Organization can't contain invalid characters from list "! @ # $ % ^ * ( ) ~ ? > < / \" (without "")

Organization
OrganizationORGANIZATIONYesOrganization
for which certificate from CMPv2 server should be issuedOOM global value
Organization UnitORGANIZATION_UNITNoNot available in generated certificateString (0-256)Syntax columnOrganization unit for which certificate from CMPv2 server should be issuedOOM global value
LocationLOCATIONNoNot available in generated certificateString (0-256)

Syntax column


Location for which certificate from CMPv2 server should be issuedOOM global value
StateSTATEYes
String (1-256)Syntax columnState for which certificate from CMPv2 server should be issuedOOM global value
CountryCOUNTRYYes
String(2)C must be a 2-character ISO format country codeCountry for which certificate from CMPv2 server should be issuedOOM global value
SANsSANSNoNot available in generated certificate

String (0-2048)

SAN1[:SAN2]

Syntax columnSubject Alternative Names (SANs) for which certificate from CMPv2 server should be issued. Colon is used as delimiterApplication helm chart

Results

As the successful result of running CertService's client (exitCode = 0) following artifacts are created:

...