Invalid handling of external system certificates
Description
Environment
Attachments
- 27 Apr 2018, 02:40 PM
Confluence content
mentioned on
- https://wiki.onap.org/pages/viewpage.action?pageId=45300668
- https://wiki.onap.org/pages/viewpage.action?pageId=45305425
- https://wiki.onap.org/pages/viewpage.action?pageId=45307419
- https://wiki.onap.org/pages/viewpage.action?pageId=45307795
- https://wiki.onap.org/pages/viewpage.action?pageId=45310255
- https://wiki.onap.org/pages/viewpage.action?pageId=48529916
- https://wiki.onap.org/pages/viewpage.action?pageId=48532290
- https://wiki.onap.org/pages/viewpage.action?pageId=48532337
- https://wiki.onap.org/pages/viewpage.action?pageId=48533938
- https://wiki.onap.org/pages/viewpage.action?pageId=51282236
- https://wiki.onap.org/pages/viewpage.action?pageId=52495384
- https://wiki.onap.org/pages/viewpage.action?pageId=53250422
- https://wiki.onap.org/pages/viewpage.action?pageId=54723706
- https://wiki.onap.org/pages/viewpage.action?pageId=58229917
- https://wiki.onap.org/pages/viewpage.action?pageId=58232997
- https://wiki.onap.org/pages/viewpage.action?pageId=60883104
- https://wiki.onap.org/pages/viewpage.action?pageId=60884898
- https://wiki.onap.org/pages/viewpage.action?pageId=60886359
- https://wiki.onap.org/pages/viewpage.action?pageId=60887572
- https://wiki.onap.org/pages/viewpage.action?pageId=60889897
- https://wiki.onap.org/pages/viewpage.action?pageId=60891142
- https://wiki.onap.org/pages/viewpage.action?pageId=63995921
- https://wiki.onap.org/pages/viewpage.action?pageId=63996755
- https://wiki.onap.org/pages/viewpage.action?pageId=63997992
- https://wiki.onap.org/pages/viewpage.action?pageId=63999118
- https://wiki.onap.org/pages/viewpage.action?pageId=64000589
- https://wiki.onap.org/pages/viewpage.action?pageId=64001894
- https://wiki.onap.org/pages/viewpage.action?pageId=64003539
- https://wiki.onap.org/pages/viewpage.action?pageId=64005689
- https://wiki.onap.org/pages/viewpage.action?pageId=64007235
- https://wiki.onap.org/pages/viewpage.action?pageId=64009702
- https://wiki.onap.org/pages/viewpage.action?pageId=68518489
- https://wiki.onap.org/pages/viewpage.action?pageId=68538549
- https://wiki.onap.org/pages/viewpage.action?pageId=68539719
- https://wiki.onap.org/pages/viewpage.action?pageId=68540502
- https://wiki.onap.org/pages/viewpage.action?pageId=68542544
- https://wiki.onap.org/pages/viewpage.action?pageId=68543213
- https://wiki.onap.org/pages/viewpage.action?pageId=68545034
- https://wiki.onap.org/pages/viewpage.action?pageId=68546015
Activity
Former user March 28, 2019 at 12:28 PM
Closing this because I think it was a typo on the attribute name that was fixed, please re-open if still an issue.
Former user March 20, 2019 at 8:51 PM
@Former user this was fixed with that patch on the typo on the attribute name, correct?
Former user November 22, 2018 at 9:26 AM
@Former user I tried with ssl cacert of ESR GUI and found the input to ssl cacert does not actually stored into AAI. If you refresh the ESR portal after your test, the input to ssl cacert will disappear , so it seems the input to ssl cacert is just in cache?
Former user November 20, 2018 at 8:23 AM
@Former user I would wonder if anyone has tested it? If I recall correctly, I had tried to input the cert but failed, either because the input box is not allowed to input long string (multiple line?), or ESR GUI does not actually get the input from GUI and store into AAI. But anyway, the certificates cannot be on-boarded. Thanks
Former user November 20, 2018 at 7:14 AM
@Former user I checked the code, the certifications already stored to aai while vim registration. The name is "ssl Cacert" in the ers gui.
@Former user @Former user the auth param is "certificateUrl" as below while registrate vnfm. do you think it is necessary to change this param to "Collection of PEM encoded trusted certificates" as @Former user said before or you should just keep this as right now?
"certificateUrl": { "type": "string", "description": "vnfm certificate Url" },
Details
Assignee
Former userFormer user(Deactivated)Reporter
Former userFormer user(Deactivated)Fix versions
Affects versions
Priority
Medium
Details
Details
Assignee
Reporter
Fix versions
Affects versions
Priority
Medium
In AAI the certificate is described as
ssl-cacert: string
ca file content if enabled ssl on auth-url.
in ESR GUI it is an URL see attachment
in VF-C API it is an URL see swagger definition
"certificateUrl": { "type": "string", "description": "vnfm certificate Url" },It would be great to come to a conclusion where this bug belongs: AAI / MSB / VF-C / ESR?
Is it an URL or a content?