.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2020 NOKIA
+.. Copyright 2020-2021 NOKIA
+.. _release_notes:
+***************************************
+OOM Certification Service Release Notes
+***************************************
-Release Notes
-==============
+Abstract
+========
-Version: 1.1.0
---------------
-
-:Release Date: 2020-06-29
-
-**New Features**
-
- - Added property to CertService Client to allow selection of output certificates type (One of: PEM, JKS, P12).
-
-**Bug Fixes**
-
- - Resolved issue where created PKCS12 certificates had jks extension.
+This document provides the release notes for the Honolulu release.
-**Known Issues**
-
- N/A
-
-**Security Notes**
+Summary
+=======
- N/A
+Certification Service provides certificates signed by external CMPv2 server - such certificates are further called operators certificates. Operators certificates are meant to secure external ONAP traffic - traffic between network functions (xNFs) and ONAP.
-*Fixed Security Issues*
+This project was moved from Application Authorization Framework (AAF), to check previous release notes see, `AAF CertService release notes <https://docs.onap.org/projects/onap-aaf-certservice/en/frankfurt/sections/release-notes.html>`_ .
- N/A
-*Known Security Issues*
+Release Data
+============
- N/A
++--------------------------------------+---------------------------------------------------------------------------------------+
+| **Project** | OOM |
+| | |
++--------------------------------------+---------------------------------------------------------------------------------------+
+| **Docker images** | * onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.3 |
+| | * onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3 |
+| | * onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3 |
+| | * onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.3.3|
+| | |
++--------------------------------------+---------------------------------------------------------------------------------------+
+| **Release designation** | Honolulu |
+| | |
++--------------------------------------+---------------------------------------------------------------------------------------+
-*Known Vulnerabilities in Used Modules*
- N/A
+New features
+------------
-**Upgrade Notes**
+- `OOM-2560 <https://jira.onap.org/browse/OOM-2560>`_ Integrated CMPv2 certificate provider with Cert-Manager
-**Deprecation Notes**
+ An CMPv2 certificate provider is a part of PKI infrastructure. It consumes CertificateRequest custom resource from Cert-Manager and calls CertService API to enroll certificate from CMPv2 server.
+ During ONAP deployment, the CMPv2 certificate provider is enabled when flags cmpv2Enabled, CMPv2CertManagerIntegration and platform.enabled equals true.
-**Other**
-
-===========
-
-Version: 1.0.1
---------------
+ More information can be found on dedicated `wiki page <https://wiki.onap.org/display/DW/CertService+and+K8s+Cert-Manager+integration>`_
-:Release Date: 2020-05-22
+- `OOM-2632 <https://jira.onap.org/browse/OOM-2632>`_ Extended CertService API and clients to correctly support SANs parameters such as: e-mails, URIs and IP addresses.
-**New Features**
+**Bug fixes**
-The Frankfurt Release is the first release of the Certification Service.
+- `OOM-2656 <https://jira.onap.org/browse/OOM-2656>`_ Adjusted CertService API to RFC4210 - changed MAC protection algorithm and number of iteration for such algorithm.
+- `OOM-2657 <https://jira.onap.org/browse/OOM-2657>`_ Enhanced CertServiceAPI response in order to include CMP server error messages.
-**Bug Fixes**
-
- - `AAF-1132 <https://jira.onap.org/browse/AAF-1132>`_ - CertService Client returns exit status 5 when TLS configuration fails
+- `OOM-2658 <https://jira.onap.org/browse/OOM-2658>`_ Fixed KeyUsage extension sent to CMPv2 server
**Known Issues**
- - PKCS12 certificates have jks extension
-
-**Security Notes**
-
- N/A
+None
-*Fixed Security Issues*
+Deliverables
+------------
- N/A
+Software Deliverables
+~~~~~~~~~~~~~~~~~~~~~
+Docker images mentioned in Release Date section.
-*Known Security Issues*
+Documentation Deliverables
+~~~~~~~~~~~~~~~~~~~~~~~~~~
- N/A
+- :doc:`CMPv2 certificate provider description <cmpv2-cert-provider>`
-*Known Vulnerabilities in Used Modules*
+Known Limitations, Issues and Workarounds
+=========================================
- N/A
+System Limitations
+------------------
-**Upgrade Notes**
+Any known system limitations.
-**Deprecation Notes**
-**Other**
-
-===========
-
-Version: 1.0.0
---------------
+Known Vulnerabilities
+---------------------
-:Release Date: 2020-04-16
+Any known vulnerabilities.
-**New Features**
-The Frankfurt Release is the first release of the Certification Service.
+Workarounds
+-----------
-**Bug Fixes**
+Any known workarounds.
- - No new fixes were implemented for this release
-**Known Issues**
-
- - `AAF-1132 <https://jira.onap.org/browse/AAF-1132>`_ - CertService Client returns exit status 5 when TLS configuration fails
-
- - PKCS12 certificates have jks extension
-
-**Security Notes**
+Security Notes
+--------------
- N/A
+**Fixed Security Issues**
-*Fixed Security Issues*
+None
- N/A
+**Known Security Issues**
-*Known Security Issues*
+None
- N/A
-*Known Vulnerabilities in Used Modules*
+Test Results
+============
+Not applicable
- N/A
-**Upgrade Notes**
+References
+==========
-**Deprecation Notes**
+For more information on the ONAP Honolulu release, please see:
-**Other**
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
-===========
-End of Release Notes
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org