X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=Makefile;h=56e0e9359e932b3d2879a784115aa7bb2cce01bd;hb=333966e38367d2d889bbfeee13eb688d7eab7346;hp=45ffb48b30927244c1b6e13896f824b50e6a3951;hpb=b81c681cb6be761a2abb5e2f5af1b923bef1f6b4;p=oom%2Fplatform%2Fcert-service.git
diff --git a/Makefile b/Makefile
index 45ffb48b..56e0e935 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,9 @@
-all: build start-backend run-client stop-client stop-backend
+all: build start-backend run-client stop-backend
 start-with-client: start-backend run-client
 .PHONY: build

+CA_NAME=RA
+
 build:
 @echo "##### Build Cert Service images locally #####"
 mvn clean install -P docker
@@ -11,7 +13,7 @@ start-backend:
 @echo "##### Start Cert Service #####"
 docker-compose up -d
 @echo "## Configure ejbca ##"
- docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh
+ docker exec oomcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh
 @echo "##### DONE #####"

 run-client:
@@ -19,21 +21,68 @@ run-client:
 mkdir -p `pwd`/compose-resources/client-volume/
 @echo "##### Start Cert Service Client #####"
 docker run \
- --name aafcert-client \
+ --rm \
+ --name oomcert-client \
 --env-file ./compose-resources/client-configuration.env \
- --network certservice_certservice \
+ --network cert-service_certservice \
 --mount type=bind,src=`pwd`/compose-resources/client-volume/,dst=/var/certs \
- --volume `pwd`/certs/truststore.jks:/etc/onap/aaf/certservice/certs/truststore.jks \
- --volume `pwd`/certs/certServiceClient-keystore.jks:/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks \
- onap/org.onap.aaf.certservice.aaf-certservice-client:latest
-
-stop-client:
- @echo "##### Remove Cert Service Client #####"
- @echo "Removing aafcert-client"
- @docker rm aafcert-client > /dev/null 2> /dev/null || true
- @echo "##### DONE #####"
+ --volume `pwd`/certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks \
+ --volume `pwd`/certs/certServiceClient-keystore.jks:/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks \
+ nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3

 stop-backend:
 @echo "##### Stop Cert Service #####"
 docker-compose down
 @echo "##### DONE #####"
+
+send-initialization-request:
+ @echo "##### Create folder for certificates from curl: `pwd`/compose-resources/certs-from-curl/ #####"
+ mkdir -p `pwd`/compose-resources/certs-from-curl/
+ @echo "##### Generate CSR and Key #####"
+ openssl req -new -newkey rsa:2048 -nodes -keyout `pwd`/compose-resources/certs-from-curl/ir.key \
+ -out `pwd`/compose-resources/certs-from-curl/ir.csr \
+ -subj "/C=US/ST=California/L=San-Francisco/OU=ONAP/O=Linux-Foundation/CN=onap.org" \
+ -addext "subjectAltName = DNS.1:test.onap.org,DNS.2:onap.org,IP.1:127.0.0.1,URI.1:ftp://test.org,email.1:test@onap.org"
+ @echo "##### Send Initialization Request #####"
+ curl -sN https://localhost:8443/v1/certificate/${CA_NAME} -H "PK: $$(cat ./compose-resources/certs-from-curl/ir.key | base64 | tr -d \\n)" \
+ -H "CSR: $$(cat ./compose-resources/certs-from-curl/ir.csr | base64 | tr -d \\n)" \
+ --cert `pwd`/certs/cmpv2Issuer-cert.pem \
+ --key `pwd`/certs/cmpv2Issuer-key.pem \
+ --cacert `pwd`/certs/cacert.pem | `pwd`/parseCertServiceResponse.sh "ir"
+
+send-key-update-request: verify-initialization-request-files-exist
+ @echo "##### Generate CSR and Key #####"
+ openssl req -new -newkey rsa:2048 -nodes -keyout `pwd`/compose-resources/certs-from-curl/kur.key \
+ -out `pwd`/compose-resources/certs-from-curl/kur.csr \
+ -subj "/C=US/ST=California/L=San-Francisco/OU=ONAP/O=Linux-Foundation/CN=onap.org" \
+ -addext "subjectAltName = DNS.1:test.onap.org,DNS.2:onap.org,IP.1:127.0.0.1,URI.1:ftp://test.org,email.1:test@onap.org"
+ @echo "##### Send Key Update Request #####"
+ curl -sN https://localhost:8443/v1/certificate-update/${CA_NAME} -H "PK: $$(cat ./compose-resources/certs-from-curl/kur.key | base64 | tr -d \\n)" \
+ -H "CSR: $$(cat ./compose-resources/certs-from-curl/kur.csr | base64 | tr -d \\n)" \
+ -H "OLD_PK: $$(cat ./compose-resources/certs-from-curl/ir.key | base64 | tr -d \\n)" \
+ -H "OLD_CERT: $$(cat ./compose-resources/certs-from-curl/ir-cert.pem | base64 | tr -d \\n)" \
+ --cert `pwd`/certs/cmpv2Issuer-cert.pem \
+ --key `pwd`/certs/cmpv2Issuer-key.pem \
+ --cacert `pwd`/certs/cacert.pem | `pwd`/parseCertServiceResponse.sh "kur"
+
+send-certification-request: verify-initialization-request-files-exist
+ @echo "##### Generate CSR and Key #####"
+ openssl req -new -newkey rsa:2048 -nodes -keyout `pwd`/compose-resources/certs-from-curl/cr.key \
+ -out `pwd`/compose-resources/certs-from-curl/cr.csr \
+ -subj "/C=US/ST=California/L=San-Francisco/OU=ONAP/O=Linux-Foundation/CN=new-onap.org" \
+ -addext "subjectAltName = DNS.1:test.onap.org,DNS.2:onap.org,IP.1:127.0.0.1,URI.1:ftp://test.org,email.1:test@onap.org"
+ @echo "##### Send Certification Request #####"
+ curl -sN https://localhost:8443/v1/certificate-update/${CA_NAME} -H "PK: $$(cat ./compose-resources/certs-from-curl/cr.key | base64 | tr -d \\n)" \
+ -H "CSR: $$(cat ./compose-resources/certs-from-curl/cr.csr | base64 | tr -d \\n)" \
+ -H "OLD_PK: $$(cat ./compose-resources/certs-from-curl/ir.key | base64 | tr -d \\n)" \
+ -H "OLD_CERT: $$(cat ./compose-resources/certs-from-curl/ir-cert.pem | base64 | tr -d \\n)" \
+ --cert `pwd`/certs/cmpv2Issuer-cert.pem \
+ --key `pwd`/certs/cmpv2Issuer-key.pem \
+ --cacert `pwd`/certs/cacert.pem | `pwd`/parseCertServiceResponse.sh "cr"
+
+verify-initialization-request-files-exist:
+ ifeq (,$(wildcard compose-resources/certs-from-curl/ir.key))
+ ifeq (,$(wildcard compose-resources/certs-from-curl/ir-cert.pem))
+ $(error Execute send-initialization-request first)
+ endif
+ endif
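Review bot: The guard in `verify-initialization-request-files-exist` fires only when both `ir.key` and `ir-cert.pem` are missing, because the second `ifeq` is nested inside the first; with the key present and no `ir-cert.pem` (for example after a rejected initialization request), `send-key-update-request` and `send-certification-request` go ahead with an empty `OLD_CERT` value. `ifeq` is also evaluated when make reads the file rather than when the target runs (this page does not preserve the indentation, so the exact behaviour should be confirmed), which means the test can reflect the state before `send-initialization-request` has run in the same invocation. A recipe-time check handles both cases: `@test -f compose-resources/certs-from-curl/ir.key && test -f compose-resources/certs-from-curl/ir-cert.pem || { echo "Execute send-initialization-request first" >&2; exit 1; }`. The same failure is easier to reach because each `curl -sN ... | parseCertServiceResponse.sh` pipeline reports only the script's exit status; `curl -sS` and a `pipefail` shell would let a failed request stop the target.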