-----BEGIN CERTIFICATE-----
MIIDyzCCArMCCQDrA8zzZKXznDANBgkqhkiG9w0BAQsFADCBrTELMAkGA1UEBhMC
VVMxCzAJBgNVBAgMAk5KMRMwEQYDVQQHDApCZWRtaW5zdGVyMRIwEAYDVQQKDAlP
cGVuRUNPTVAxEzARBgNVBAsMCnNpbXBsZWRlbW8xKjAoBgNVBAMMIU9wZW5FQ09N
UCBzaW1wbGVkZW1vIFNlcnZlciBDQSBYMTEnMCUGCSqGSIb3DQEJARYYc2ltcGxl
ZGVtb0BvcGVuZWNvbXAub3JnMB4XDTE3MTEwMzIzNDUzNVoXDTE4MTIwNjIzNDUz
NVowgaAxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOSjEUMBIGA1UEBwwLQmVkbWlu
aXN0ZXIxDTALBgNVBAoMBE9OQVAxKTAnBgNVBAMMIGFhaS5hcGkuc2ltcGxlZGVt
by5vcGVuZWNvbXAub3JnMTQwMgYJKoZIhvcNAQkBFiVhYWktaG9zdEBhcGkuc2lt
cGxlZGVtby5vcGVuZWNvbXAub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6gFktbGZVt4o78kU6oeCdqx04yPNTd1qRmJ06CD87fgrIDCTXVC+PE7R
hHd1V71aNnoElBzn+mwetn4qG4T9IqAJvFIXxrzLpS7WlKBxStFhe4GNXl+RDqWc
UM+47+s32TwZ3czQrhMVR9VNENUHo2d6XylGaUDcVgrMYWbFYWfmIJ4tO1latW9n
h+perB0nNBxNDK9nYtjLHQk6ukTmONSnldvCgu/TFX5C34qB49cI0LmCf5Lwk9tv
8dmTZ6Um8A0EbQen+uPaaHeEXm/EtFy0FSVzoKmxuQS0g4JNhfnfNCHVDO7zGE+N
pCb9VfUI2fXIZvjNBAemKN/b2i5d6QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBh
93eaeAw0aA4ukAPpuWIODxxAnZlFfDH4uzwnv6smDJzO1biRwQ5BBZfL8qSVozrp
aDKeIPWP7fZvjl3mGfCp8mLkI6WkfXVcZy5IlJGDTnW+G8Cpohq910W/Ibp1J9zx
Ki4IdgKx7FbSYLpgwH2g2EPshHXQX2qFdxYvnEH0PzJjYBKeyyHV3N2kNr6+kM3Q
HpXXIiLNbNcqLT+9zOmuJszN8ILLV56vu8Clzwxld+ru0tiO2OJk2eT+mtw2PI1/
jcYqEEdOIZycrQiytxXgvte7A9VFQP/1Tl22BBYrAW2BhyW67kopATeiSunK1FmO
DLcT7mR+59F964RV9BJR
-----END CERTIFICATE-----
1 Comment
Huang Haibin
Did you have use this certificate?
I have used it got below error info.
vagrant@worker1:~$ curl --cacert /home/vagrant/ca.crt https://10.96.0.34:8443/aai/v11/cloud-infrastructure/cloud-regions
curl: (60) server certificate verification failed. CAfile: /home/vagrant/ca.crt CRLfile: none
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
vagrant@worker1:~$
vagrant@worker1:~$ cat /home/vagrant/ca
cat: /home/vagrant/ca: No such file or directory
vagrant@worker1:~$ cat /home/vagrant/ca.crt
-----BEGIN CERTIFICATE-----
MIIDyzCCArMCCQDrA8zzZKXznDANBgkqhkiG9w0BAQsFADCBrTELMAkGA1UEBhMC
VVMxCzAJBgNVBAgMAk5KMRMwEQYDVQQHDApCZWRtaW5zdGVyMRIwEAYDVQQKDAlP
cGVuRUNPTVAxEzARBgNVBAsMCnNpbXBsZWRlbW8xKjAoBgNVBAMMIU9wZW5FQ09N
UCBzaW1wbGVkZW1vIFNlcnZlciBDQSBYMTEnMCUGCSqGSIb3DQEJARYYc2ltcGxl
ZGVtb0BvcGVuZWNvbXAub3JnMB4XDTE3MTEwMzIzNDUzNVoXDTE4MTIwNjIzNDUz
NVowgaAxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOSjEUMBIGA1UEBwwLQmVkbWlu
aXN0ZXIxDTALBgNVBAoMBE9OQVAxKTAnBgNVBAMMIGFhaS5hcGkuc2ltcGxlZGVt
by5vcGVuZWNvbXAub3JnMTQwMgYJKoZIhvcNAQkBFiVhYWktaG9zdEBhcGkuc2lt
cGxlZGVtby5vcGVuZWNvbXAub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6gFktbGZVt4o78kU6oeCdqx04yPNTd1qRmJ06CD87fgrIDCTXVC+PE7R
hHd1V71aNnoElBzn+mwetn4qG4T9IqAJvFIXxrzLpS7WlKBxStFhe4GNXl+RDqWc
UM+47+s32TwZ3czQrhMVR9VNENUHo2d6XylGaUDcVgrMYWbFYWfmIJ4tO1latW9n
h+perB0nNBxNDK9nYtjLHQk6ukTmONSnldvCgu/TFX5C34qB49cI0LmCf5Lwk9tv
8dmTZ6Um8A0EbQen+uPaaHeEXm/EtFy0FSVzoKmxuQS0g4JNhfnfNCHVDO7zGE+N
pCb9VfUI2fXIZvjNBAemKN/b2i5d6QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBh
93eaeAw0aA4ukAPpuWIODxxAnZlFfDH4uzwnv6smDJzO1biRwQ5BBZfL8qSVozrp
aDKeIPWP7fZvjl3mGfCp8mLkI6WkfXVcZy5IlJGDTnW+G8Cpohq910W/Ibp1J9zx
Ki4IdgKx7FbSYLpgwH2g2EPshHXQX2qFdxYvnEH0PzJjYBKeyyHV3N2kNr6+kM3Q
HpXXIiLNbNcqLT+9zOmuJszN8ILLV56vu8Clzwxld+ru0tiO2OJk2eT+mtw2PI1/
jcYqEEdOIZycrQiytxXgvte7A9VFQP/1Tl22BBYrAW2BhyW67kopATeiSunK1FmO
DLcT7mR+59F964RV9BJR
-----END CERTIFICATE-----
vagrant@worker1:~$ kubectl get services --all-namespaces | grep aai-service
onap-aai aai-service 10.96.0.34 <nodes> 8443:30233/TCP,8080:30232/TCP