The Portal user interface can include an Application Authorization user interface with a box similar to those for VID, SDC, etc. There can be another box like the boxes in the picture below. This can be quite basic: initially it may only allow a user to upload a certificate file in some specified format, e.g. DER or PEM.
- The Portal application may be the only user authorized to use the AAF interface https://aaf.onap.org/issuer-certificate. There may be many suitable protocols for the AAF endpoints discussed here; HTTP is just one option. AAF stores the certificates it receives from Portal over this authenticated and authorized interface.
- AAF also provides an interface for components to validate certificates. The initial use case is SDC validating a certificate delivered with a PNF package from a PNF vendor. SDC would send a request to https://aaf.onap.org/valid-certificate-check with the certificate to check in the request body. AAF would validate this certificate. The certificate contains a signature from an issuer, which can be verified if AAF has the issuer certificate.
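
The validity check described above, sketched as an added Go example using only the standard library; it is not AAF or Portal code. `Check`, `Issue` and the certificate names are hypothetical, the sample certificates are constructed at run time, and accepting any extended key usage is an assumption.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// Check (hypothetical name) accepts cert only if its signature chains to a stored issuer
// and it is inside its validity period. Assumption: no specific extended key usage is required.
func Check(issuers *x509.CertPool, cert []byte) error {
	if block, _ := pem.Decode(cert); block != nil {
		cert = block.Bytes // PEM input; anything else is treated as raw DER
	}
	c, err := x509.ParseCertificate(cert)
	if err != nil {
		return err
	}
	_, err = c.Verify(x509.VerifyOptions{Roots: issuers, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err
}

// Issue builds a constructed sample certificate (errors ignored); a nil parent yields a self-signed CA.
func Issue(cn string, parent *x509.Certificate, pk ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		IsCA: parent == nil, BasicConstraintsValid: true}
	if parent == nil {
		parent, pk = t, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, pub, pk)
	c, _ := x509.ParseCertificate(der)
	return c, key
}

func main() {
	ca, caKey := Issue("constructed vendor CA", nil, nil)
	fake, fakeKey := Issue("constructed vendor CA", nil, nil) // same name, different key
	issuers := x509.NewCertPool()                             // stands in for AAF's stored issuers
	issuers.AddCert(ca)
	good, _ := Issue("constructed PNF package signer", ca, caKey)
	rogue, _ := Issue("constructed PNF package signer", fake, fakeKey)
	fmt.Println("stored issuer:", Check(issuers, good.Raw), "| same-name issuer:", Check(issuers, rogue.Raw))
}
```

The second certificate is rejected even though its issuer name matches a stored issuer, because the signature is checked against the stored issuer's key rather than its name.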