...
As init container for K8s:
| Code Block | ||
|---|---|---|
| ||
...
kind: Deployment
metadata:
...
spec:
...
template:
...
spec:
initContainers:
- name: cert-service-client
image: nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
imagePullPolicy: Always
env:
- name: REQUEST_URL
value: http://aaf-cert-service-service:8080/v1/certificate/
- name: REQUEST_TIMEOUT
value: "1000"
- name: OUTPUT_PATH
value: /var/log/certs
- name: CA_NAME
value: TEST
- name: COMMON_NAME
value: onap.org
- name: ORGANIZATION
value: Linux-Foundation
- name: ORGANIZATION_UNIT
value: ONAP
- name: LOCATION
value: San-Francisco
- name: STATE
value: California
- name: COUNTRY
value: US
- name: SANS
value: gerrit.onap.org:test.onap.org:onap.com
volumeMounts:
- mountPath: /var/log/certs
name: certs
...
|
Client's exiting codes:
| Code | Information |
|---|---|
| 0 | Success |
| 1 | Invalid client configuration |
| 2 | Invalid CSR data |
| 3 | Failed key pair generation |
| 4 | Failed CSR generation |
| 5 | API return unsuccessful response |
| 6 | Problem with Http Client connection |
| 7 | Failed PKCS12 conversion |
| 8 | Failed Private Key to PEM Encoding |
...