Versions Compared

Old Version 29

changes.mady.by.user Bogumil Zebek

Saved on

compared with

New Version 30

changes.mady.by.user user-57227

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Create a repository in gerrit
    1. Create a ticket at https://jira.linuxfoundation.org/servicedesk/customer/portal/2/create/102?q=create%20repository&q_time=1581674068823
  2. Configure pom.xml in project
    1.  An example: https://gerrit.onap.org/r/gitweb?p=aaf/certservice.git;a=blob;f=certService/pom.xml;h=3f17f3904b45f48007c7cf10cb54b2b814447226;hb=HEAD
  3. Configure Jenkins Jobs
    1. https://gerrit.onap.org/r/c/ci-management/ /101668
    2. Contact person:
      1. jwagantall@linuxfoundation.org
  4. Documentation
    1. An example:  https://gerrit.onap.org/r/#/c/cli/ /101293/
    2. Contact person:
      1. sofia.wallin@est.tech
      2. jwagantall@linuxfoundation.org

How to create CSR and PK for certificate endpoint

  1. Create CSR and PK using openssl;

    1. create configuration file : 

      Code Block
      titlecsr.config
      [ req ]
default_bits       = 2048
distinguished_name = req_distinguished_name
req_extensions     = req_ext
[ req_distinguished_name ]
countryName                     = Country Name (2 letter code)
countryName_default                     = US
stateOrProvinceName             = State or Province Name (full name)
stateOrProvinceName_default             = California
localityName                    = Locality Name (eg, city)
localityName_default                    = San-Francisco
organizationName                = Organization Name (eg, company)
organizationName_default                = Linux-Foundation
organizationalUnitName          = Organizational Unit Name (eg, section)
organizationalUnitName_default          = ONAP
commonName                      = Common Name (e.g. server FQDN or YOUR name)
commonName_default                      = onap.org
emailAddress                    = Email Address
emailAddress_default                    = tester@onap.org
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1   = onap.org
DNS.2   = test.onap.org


    2. run openssl command that will generate CSR (onap.csr) and private key (onap.key), using csr.config :

      Code Block
      languagebash
      openssl req -out onap.csr -newkey rsa:2048 -nodes -keyout onap.key -config csr.config


  2. Encode CSR and private key in Base64. You can use this  java code to create onap.csr.b64 and onap.key.b64 :

    Code Block
    languagejava
        private static void encodeCsrAndPkInBase64() throws IOException {
        String csr = Files.readString(Paths.get(PATH_TO_CSR));
        String pk = Files.readString(Paths.get(PATH_TO_PK));

        String encodedCsr = new String(Base64.getEncoder().encode(csr.getBytes()));
        String encodedPk = new String(Base64.getEncoder().encode(pk.getBytes()));

        Files.writeString(Paths.get(PATH_TO_CSR+".b64"), encodedCsr);
        Files.writeString(Paths.get(PATH_TO_PK+".b64"), encodedPk);
    }


  3. Paste  onap.csr.b64 content in to CSR header, and onap.key.b64 content in to PK header in certifcate request

How to run CertService Client

As standalone docker:

...