1 # Cert service client *(deprecated)*
3 > Deprecated since Istanbul release in favor of Cert Manager certificates
4 > (for more details see certServiceK8sExternalProvider submodule).
13 ### Install the package into the local repository
18 ### Building Docker image and install the package into the local repository
20 mvn clean install -P docker
23 ### Nexus container image
25 nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
28 ### Running local client application as standalone docker container
29 CertService API and client must be running in same network.
31 You need certificate and trust anchors (in JKS format) to connect to CertService API via HTTPS. Information how to generate truststore and keystore files you can find in CertService main README.
33 To run CertService client as standalone docker container execute following steps:
35 1. Create file ‘$PWD/client.env’ with environment variables as in example below:
38 REQUEST_URL=<URL to CertService API>
40 OUTPUT_PATH=/var/certs
46 ORGANIZATION=Linux-Foundation
47 ORGANIZATION_UNIT=ONAP
48 LOCATION=San-Francisco
51 SANS=test.onap.org,onap.com,onap@onap.org,127.0.0.1,onap://cluster.local/
54 KEYSTORE_PATH=/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks
55 KEYSTORE_PASSWORD=<password to certServiceClient-keystore.jks>
56 TRUSTSTORE_PATH=/etc/onap/oom/certservice/certs/certServiceClient-truststore.jks
57 TRUSTSTORE_PASSWORD=<password to certServiceClient-truststore.jks>
59 2. Run docker container as in following example (API and client must be running in same network):
63 --name oomcert-client \
64 --env-file <$PWD/client.env (same as in step1)> \
65 --network <docker network of cert service> \
66 --mount type=bind,src=<path to local host directory where certificate and trust anchor will be created>,dst=<OUTPUT_PATH (same as in step 1)> \
67 --volume <local path to keystore in JKS format>:<KEYSTORE_PATH> \
68 --volume <local path to truststore in JKS format>:<TRUSTSTORE_PATH> \
69 nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
71 After successful creation of certifications, container exits with exit code 0.
77 var/log/onap/oom/certservice-client/certservice-client.log
79 ### Logs in Docker container
81 docker logs oom-certservice-client
86 1 Invalid client configuration
87 2 Invalid CSR configuration
88 3 Fail in key pair generation
89 4 Fail in CSR generation
90 5 CertService HTTP unsuccessful response
91 6 Internal HTTP Client connection problem
92 7 Fail in PEM conversion
93 8 Fail in Private Key to PEM Encoding
94 9 Wrong TLS configuration
95 10 File could not be created
96 99 Application exited abnormally