X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fcontrib%2Fcomponents%2Fejbca%2Fresources%2Fejbca-config.sh;h=ad10240b948b0724865ae188c030b01e3a149dc5;hb=0b14ba4a20a879ef6b94ae5db64fa08354d2f648;hp=f1bd07e1587473241886dddb022888b157ff932e;hpb=6f80e0ea3ded1679c811d27bb6b8e4d459791691;p=oom.git

diff --git a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh
index f1bd07e158..ad10240b94 100755
--- a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh
+++ b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh
@@ -12,6 +12,12 @@ configureEjbca() {
     ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra
     ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value ${RA_IAK}
     ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value pbe
+    #Custom EJBCA cert profile and endentity are imported to allow issuing certificates with correct extended usage (containing serverAuth)
+    ejbca.sh ca importprofiles -d /opt/primekey/custom_profiles
+    #Profile name taken from certprofile filename (certprofile_<profile-name>-<id>.xml)
+    ejbca.sh config cmp updatealias --alias cmpRA --key ra.certificateprofile --value CUSTOM_ENDUSER
+    #ID taken from entityprofile filename (entityprofile_<profile-name>-<id>.xml)
+    ejbca.sh config cmp updatealias --alias cmpRA --key ra.endentityprofileid --value 1356531849
     ejbca.sh config cmp dumpalias --alias cmpRA
     ejbca.sh config cmp addalias --alias cmp
     ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true