...
| Code Block |
|---|
|
cat ~/myCA/intermediateCA/certs/intermediate.cert.pem ~/myCA/rootCA/certs/ca.cert.pem > ~/myCA/intermediateCA/certs/ca-chain.cert.pem
openssl verify -CAfile ~/myCA/intermediateCA/certs/ca-chain.cert.pem ~/myCA/intermediateCA/certs/intermediate.cert.pem
|
Create files for OOM
Create ca-chain file for AAF-SMS:
| Code Block |
|---|
|
cp ~/myCA/intermediateCA/certs/ca-chain.cert.pem ~/myCA/intermediate_root_ca.pem |
File will be stored in https://git.onap.org/oom/tree/kubernetes/aaf/components/aaf-sms/resources/certs?h=kohn
Import CA-chain to cert-wrapper
- Download JDK from Oracle: https://www.oracle.com/java/technologies/downloads/#java20
- Extract "cacerts" file (/<jdk-dir>/lib/security/cacaerts)
- Copy the cacerts file to "truststoreONAPall.jks" and import intermediate_root_ca.pem
| Code Block |
|---|
cp ~/myCA/cacerts ~/myCA/truststoreONAPall.jks
keytool -import -alias onaptestca -keystore ~/myCA/truststoreONAPall.jks -file ~/myCA/intermediate_root_ca.pem -storepass changeit
keytool -list -keystore ~/myCA/truststoreONAPall.jks-old|grep onap |
| Code Block |
|---|
|
base64 ~/myCA/truststoreONAPall.jks >~/myCA/truststoreONAPall.jks.b64 |