...
- Generate RSA/ECDSA key pair using PKCS11
- Securely store the private key.
- Store the private key using TPM if it is available
- PKCS10 CSR generation
- Communicates with the previously described CA Broker Service over REST API
- Periodically generates a usage report
- Certificate Renewal
- Discovery of Internal CA Broker Service
The below diagram illustrates
...
Best Practices of Certificate Enrollment that is end-point initiated.
This diagram shows mapping of
...
Certificate Provisioing in ONAP context.
The below diagram details the architechture blocks used previously in detail:
...