The steps that were followed to generate certificates to be used to deploy the CMSO Spring Boot services in OOM with HTTPS enabled in Windriver Lab. This assumes you already have access to the Windriver Lab.
Updating the oof.onap Certificate in AAF
In order to access AAF https://aaf-onap-test.osaaf.org:8200/gui/home you will need to update your /etc/hosts file (C:\Windows\System32\drivers\etc\hosts on Windows)
| 10.12.5.145 aaf-onap-test.osaaf.org |
|---|
Note that the IP can change. Not sure how to find out where it is running when it does. Found it here https://docs.onap.org/en/latest/submodules/aaf/authz.git/docs/sections/configuration/AAF_4.1_config.html, but this could change too 
Navigating to the AAF Certificate
From here: https://aaf-onap-test.osaaf.org:8200/gui/nsdetail?ns=org.onap.oof
Or, if you want the oof.onap certificate, just click on https://aaf-onap-test.osaaf.org:8200/gui/artichange?id=oof@oof.onap.org&machine=oof.onap&ns=org.onap.oof
Downloading the AAF certificate Artifacts
This must be done from a host that can run docker and has it's etc hosts updated as above:
| 10.12.5.145 aaf-onap-test.osaaf.org |
|---|
This is the Reader's Digest version of https://docs.onap.org/en/latest/submodules/aaf/authz.git/docs/sections/configuration/AAF_4.1_config.html
- Download https://gerrit.onap.org/r/gitweb?p=aaf/authz.git;a=blob_plain;f=auth/docker/agent.sh;hb=HEAD
- Rename file to agent.sh
Running agent.sh will prompt for many arguments which will be stored in ./aaf.props file. Subsequent executions of agent.sh will pull the values from aaf.props so if you need to change a value, it should be done in aaf.props (or delete it and start over)
agent.sh will run a docker image which will download all the artifacts to the Directory /opt/app/osaaf/local in the docker image.
The Application FQDN is the FQDN * oof.onap so we will add our Windriver lab VPN IP that to our /etc/hosts file as well
| 10.12.5.145 aaf-onap-test.osaaf.org 10.12.25.177 oof.onap |
|---|
On Unix host, run ifconfig while connected to the VPN
| ifconfig -a|grep 10.12 inet 10.12.25.177 --> 10.12.25.178 netmask 0xffffffff |
|---|
These files will not be accessible by default when the script is done because it is going to a docker volume that is in the VOLUME attribute in aaf.props. For some reason, the script does not allow the VOLUME to be a local folder on your host so, the easiest thing to so is...