| Table of Contents |
|---|
...
Generate testing PKCS #12 files usingĀ https://gerrit.onap.org/r/gitweb?p=dcaegen2/collectors/hv-ves.git;a=blob_plain;f=tools/ssl/gen-certs.sh;hb=refs/heads/master and store in k8s nfs dir /dockerdata-nfs/ssl
Edit HV-VES deployment (kubectl -n onap edit deployment/dep-dcae-hv-ves-collector) by removing VESHV_SSL_DISABLE flagand adding VESHV_TRUST_STORE, VESHV_KEY_STORE, VESHV_TRUST_STORE_PASSWORD, VESHV_KEY_STORE_PASSWORD ones.
Add entry to mount node:/dockerdata-nfs/ssl to containter:/etc/ves-hv :
...
| No Format |
|---|
openssl pkcs12 -export -out ca.p12 -inkey ca.key -in ca.pem -passout pass: openssl pkcs12 -export -out server.p12 -inkey server.key -in server.pem -passout pass: |
Enable SSL feature in HV-VES collector via Consul UI :
http://<node_ip>:30270/ui/#/dc1/kv/dcae-hv-ves-collector/edit
...