.. code-block::
#Client envs
- REQUEST_URL=http://aaf-cert-service-service:8080/v1/certificate/
+ REQUEST_URL=http://aaf-cert-service:8080/v1/certificate/
REQUEST_TIMEOUT=1000
OUTPUT_PATH=/var/certs
CA_NAME=RA
docker run --env-file $DOCKER_ENV_FILE --network $NETWORK_CERT_SERVICE --volume $DOCKER_VOLUME $AAFCERT_CLIENT_IMAGE
+ Configuring EJBCA server for testing
+ ------------------------------------
+
+ To instantiate an EJBCA server for testing purposes with an OOM deployment, cmpv2Enabled and cmpv2Testing have to be changed to true in oom/kubernetes/aaf/values.yaml.
+
+ cmpv2Enabled has to be true to enable aaf-cert-service to be instantiated and used with an external Certificate Authority to get certificates for secure communication.
+
+ If cmpv2Testing is enabled then an EJBCA test server will be instantiated in the OOM deployment as well, and will come pre-configured with a test CA to request a certificate from.
+
+ Currently the recommended mode is single-layer RA mode.
+
+
+ Default Values:
+
+ +---------------------+---------------------------------------------------------------------------------------------------------------------------------+
+ | Name | Value |
+ +=====================+=================================================================================================================================+
+ | Request URL | http://aaf-ejbca:8080/ejbca/publicweb/cmp/cmpRA |
+ +---------------------+---------------------------------------------------------------------------------------------------------------------------------+
+ | Response Type | PKI Response |
+ +---------------------+---------------------------------------------------------------------------------------------------------------------------------+
+ | caMode | RA |
+ +---------------------+---------------------------------------------------------------------------------------------------------------------------------+
+ | alias | cmpRA |
+ +---------------------+---------------------------------------------------------------------------------------------------------------------------------+
+
+
+ If you wish to configure the EJBCA server, you can find Documentation for EJBCA here: https://doc.primekey.com/ejbca/
+
+ If you want to understand how CMP works on EJBCA in more detail, you can find Details here: https://download.primekey.com/docs/EJBCA-Enterprise/6_14_0/CMP.html
Init Container for K8s
----------------------
imagePullPolicy: Always
env:
- name: REQUEST_URL
- value: http://aaf-cert-service-service:8080/v1/certificate/
+ value: http://aaf-cert-service:8080/v1/certificate/
- name: REQUEST_TIMEOUT
value: "1000"
- name: OUTPUT_PATH