From 504422fe7b93714222ff53b9ee9914a26b74c091 Mon Sep 17 00:00:00 2001 From: ChrisC Date: Wed, 5 Feb 2020 13:07:40 +0100 Subject: [PATCH] Update SSL Certs and doc Update SSL certs for Frankfurt (expiry date Feb 2021) + fix clamp env for compose. Documentation updated to reflect what to do for cert renewal (readme). Issue-ID: CLAMP-641 Signed-off-by: ChrisC Change-Id: I24e24ee88674c3d5b399bc0f1722c61f4c54a937 --- README.md | 27 +++++++++---- extra/docker/clamp/clamp.env | 2 +- src/main/resources/clds/aaf/org.onap.clamp.p12 | Bin 4147 -> 4155 bytes src/main/resources/clds/aaf/ssl/clamp.key | 54 ++++++++++++------------- src/main/resources/clds/aaf/ssl/clamp.pem | 37 ++++++++--------- 5 files changed, 66 insertions(+), 54 deletions(-) diff --git a/README.md b/README.md index 148ff959..65fc0530 100644 --- a/README.md +++ b/README.md @@ -114,10 +114,10 @@ With the default log settings, all logs will be generated into console and into You can see the swagger definition for the jaxrs apis at `/restservices/clds/v1/openapi.json` -## Clamp AAF +## Clamp AAF - Renew Certificates - Connect to windriver with openvpn - create a folder aaf-renewal and go to it -- create a file aaf.props with that content +- create a file aaf.props with that content (or run the agent.sh script below, it will prompt you for values at first run) VERSION=2.1.13 DOCKER_REPOSITORY=nexus3.onap.org:10001 HOSTNAME= @@ -141,13 +141,24 @@ You can see the swagger definition for the jaxrs apis at `/restservices/clds/v1/ cadi_latitude[0.000]=10.0 cadi_longitude[0.000]=10.0 - Certs should created, you can get them in /var/lib/docker/volumes/clamp_config/_data/local + If you want to recreate the certs, you have to delete the docker volume (otherwise it will be re used) : docker volume rm clamp_config - wget https://nexus.onap.org/content/repositories/releases/org/onap/aaf/authz/aaf-cadi-aaf/2.1.13/aaf-cadi-aaf-2.1.13-full.jar - to encrypt or decrypt the store passwords: java -jar aaf-cadi-aaf-2.1.13-full.jar cadi digest changeit testos.key - +- you can also use the agent.sh script to decrypt the passwords, by running the showpass commands (see wiki below) - Extract private key from P12: 'openssl pkcs12 -in org.onap.clamp.p12 -nocerts -nodes > clamp.key' - Extract public certificate from P12: 'openssl pkcs12 -in org.onap.clamp.p12 -clcerts -nokeys > clamp.pem' - Extract CA certificate from P12: 'openssl pkcs12 -in org.onap.clamp.p12 -cacerts -nokeys -chain > ca-certs.pem' - reference wiki: https://wiki.onap.org/display/DW/AAF+Certificate+Management+for+Dummies +- you need to place new clamp.key, clamp.pem and ca-certs.pem into src/main/resources/clds/aaf/ssl, this will be used by the FrontEnd +- you need to replace the password of the generated keystore (clamp uses the p12 keystore), we want to keep the same demo password across release + to do so, you can use keytool to update the password and set it back to 'China in the Spring' + keytool -storepasswd -keystore ./org.onap.clamp.p12 +- this will prompt for the current keystore password (the one generated by the aaf script that you can get from the above) +- you can then set it to 'China in the Spring' +- once done, you can replace : org.onap.clamp.p12 into src/main/resources/clds/aaf +- rebuild Clamp Docker containers, they should be updated with the renewed certificates + + ## Clamp Credentials There are two mechanisms that can enabled for the authentication, one or the other never both at the same time. @@ -158,17 +169,17 @@ There is a section for SSL enablement and cadi configuration (for AAF) + one spr server.port=8443 server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12 -server.ssl.key-store-password=China in the Spring -server.ssl.key-password=China in the Spring +server.ssl.key-store-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc +server.ssl.key-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc server.ssl.key-store-type=PKCS12 server.ssl.key-alias=clamp@clamp.onap.org +clamp.config.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile server.ssl.client-auth=want server.ssl.trust-store=classpath:/clds/aaf/truststoreONAPall.jks -server.ssl.trust-store-password=changeit - +server.ssl.trust-store-password=enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ server.http-to-https-redirection.port=8080 .... -spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller +spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller-new,clamp-ssl-config .... clamp.config.cadi.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile clamp.config.cadi.cadiLoglevel=DEBUG diff --git a/extra/docker/clamp/clamp.env b/extra/docker/clamp/clamp.env index ae6dbec1..06381f94 100644 --- a/extra/docker/clamp/clamp.env +++ b/extra/docker/clamp/clamp.env @@ -1,2 +1,2 @@ ### Be careful, this must be in one line only ### -SPRING_APPLICATION_JSON={"spring.datasource.cldsdb.url":"jdbc:mariadb:sequential://db:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3","spring.profiles.active":"clamp-default,clamp-default-user,clamp-sdc-controller-new","clamp.config.policy.api.url":"http4://third-party-proxy:8085","clamp.config.policy.pap.url":"http4://third-party-proxy:8085","clamp.config.dcae.inventory.url":"http://third-party-proxy:8085","clamp.config.dcae.deployment.url":"http4://third-party-proxy:8085"} +SPRING_APPLICATION_JSON={"spring.datasource.cldsdb.url":"jdbc:mariadb:sequential://db:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3","spring.profiles.active":"clamp-default,clamp-default-user,clamp-sdc-controller-new,clamp-ssl-config","clamp.config.policy.api.url":"http4://third-party-proxy:8085","clamp.config.policy.pap.url":"http4://third-party-proxy:8085","clamp.config.dcae.inventory.url":"http://third-party-proxy:8085","clamp.config.dcae.deployment.url":"http4://third-party-proxy:8085"} diff --git a/src/main/resources/clds/aaf/org.onap.clamp.p12 b/src/main/resources/clds/aaf/org.onap.clamp.p12 index dc24567b9cd45aaec4a3d5ef036ca030aa006213..268aa1a3ce56e01448f8043cc0b05b5fceb5a47d 100644 GIT binary patch delta 4038 zcmV;%4>|C&AiE$UFoF;_0s#Xsf)DTp2`Yw2hW8Bt2LYgh58(uY58W_=5806-Mt^l_ zm^hB&un`GLwYzs7*_zN(;m!gB0K-rOf&|F3X<^VpKB>4S4R?=-5ZB~ZyjtO7w7ymV z>+G}AYJ3MvzW8L2h1l9v?13JlXeb##Lv>7T-9gzLTbe~+$q~S8IZh0v1Xap?BFo|D zFNyNVit>qO=&VG_aiI8mNbh8`1%K)oOGZeS2spBzvo;jCO(LtF&)Ka=3NXllLerEf zdu)y*Uk4b1&k{5$s#}PF{xLp1?{-Wk6Bog5n^`6y@fX8 z;rES(RKd276vw6M-qRyM0PE5cY@f{(HAj+ynb4tR#ykDn9%V+Eow&JzE`RO?=-*2j z-F?=)>_R2ROYVgmB61RwgXln+P?&WT+LQQ;P&i+9TBG3NbFLfN9AS#h8!q*3dH&Dkf1Va~l5mcG?4jjxol?-@F9}dhs%T8>yWY6jISL*$7~evG{4z zTZJ4VdV`zB}*~;eV6M53a0g{LR0Iy7eg4i}&CEM-fvQ18p@Y?{^r zoM24zx)A{{mW7pydXV zw|`crU!`XgZSn5ZMr&NB!5In><6&R1+Di3D7HXPQAZd2#K03Lg>3>ChNDgs#uAB4e z-AfXmSL%0Bl$PmCaYXAC?)&(v*d@Uuzf*QCTYm}sQaPc+TejN1=A1^Og1YKDrB&$? zo^?H*>!VPvQ4}Cjrc52kwA3Yfsf`Ra(r4iH%-sm?rY&9@)3FOA*+{!cg1Ax0%MYX2 z0U3Of9lg@>Z0RVpd(|jL;a_lvUcLjJkCt@@iI*T&jW}W$}i_= z)`p~s(|UCNx{?la^-x#D3e~pRF-#TZ@PD|DaVwJWPMY>Q;eRKBlj44AF^RcKMA8-X z-yL)MkweEl;*;?ad5a);SQ3d*O1HItXa7!FE%`f*P*~09ekpn z#tJ@O9}7H=KEWE&>Hbb&7A=lsN;Nfl_L6pck*$_a0dJFH&qCaOEPcsN#M6 zg4tP|QAzieLw|(kODr5Qt%S7Pq%lXaTSjdXtoN-l?Z1pj&9(_aDCFhtk0`L+l*?QK zO@vz8iI5yIq6#}_cHskA#NAZga(Ul5xkOYJ1S#o2qS?=l;VRMS+-w157@DefXeNIp zEy2bvzr_6i_!bg&;*Wf!>v^>c?|1eMCL#TUBM2inP(Yxf=YHmq@~ zZ6Y^fr+1%V4ed(d*LrJlfK zFem5b#eV88w%mz}F&LNQUfI5IgfHZ?RiIWU3>Oa=)m zhDe6@4FLxRpn?iLFoFs>0s#Opf(kN|$psyM(_AB<{VbD=JNXq%C_9-PrEEU<0s{cU zP=JC7_^DJN(KAC`rLp2k`^;2|^uvTH0xi9oQ>Y(p?a1A6eAl|e z^A;Ew5rgDu$h&FrHOAojk$^DQs?Wbb!rIc(Zx5@!KFlU&_Sa@L0W1|i#6O*%S4T{L z>HFS^65%RGP-H!0>wTdVcaQqu5)Dh}s!_GmGbGpK8{a%yBh`Lqo@jCsEkTz`<^DItEucRp2Li$+eyUIri+6DJix$ z%IYm2ep64sys6rOf1lBS7LepjeQd6OXDKc6YZRVBT$<<%kD53WPSJof^j-ftP*Bt; zshu9r{w;FI%woIRZbRsmk3r$BMC-A6f^>S{h5h}LY~;TdEFSoaINqaMEvijKsQo;U z(|DS04&JaR_KDi#fgoN;-?eV!i2Uv2k4jFXJb}B)EKXM@hr{|j6i0>92Tb~ZbS|jT z=>7`8OR)dOcH<|nQqTc8va@-4$mx&M(<3Nba;toE-@?^mAHx+@v7$!xG(VtIUm zi#&p7zY{!*`asWUypqsV2o09<_!8b5?s}*cRl(_l6ZJHYNnZy_aKN&Rne<+ax!97r zj9bhMF&5X1h9cobjTO!7*gpz?7_nRYH@DpS)~1B-*`@jb*kpuWciyv<`y4n`WGrw( zdCYamlGzC2%r$m7HogZ|2y_S!p&P4;cu_JTWhU6-BzD_9VHVy}8EJ{{>~_JfJZLw* z$3j>F$g^SH1(;X> zDx6eq06_6+Dgp;6my`aJd$Lbxw~qD5G-RzfX=bPpG6sm4WV>Eup-(U-j~2VSM6(xu z?Piyn0cZUpO?iKj{NRdi7KzFP2APk!`2aGru+ zI|Qa&+)Ocwt7=OTGc_`vMR=!VyU)s3g5r1dO=EhW<0vNjy6NMwT!v21l%5LKEL5O;BCLZ|iGtNcq_K&R^;8 z{`scIzVUEN&vdf)B%0RK#xLyP+aL4GkixFP7)u5|!`Z-;{b z{UOCOTq|FoxJD6gpfy}+_hp_YI_p!IOr#bX3d$}OP5(gIkFq0)UZP>n*YYy7uLdK2 zR}RnD^Q*^yxpX$a$gm*rm_F}6Bj4P%S?!Y0i7tlkvcNOp_sajqSABNs6(TQWWkum!AAAhS9t%k= zcj0~-do)w|5jGJ1WJd(addg?KT}WV76ms6lWMb}rh`)qTw2(ll6Pl?vjiPdufe665 zE6hhebCYN!o$6?LTs-%eQ7z_WMT#2~V1cL<2UCWxui&GBuuo+O^kfOnJCD z1)BVS<$f4$`(6O3O5&!3c%Zg4_5%klQc)j*Ln>?4A;t22{jEKJMpfNPaS=hiH4ikc zHGNttR&0!QlpXJi{jf_oK#$w#nP*`uH&*|gAxCm&c*!N=7Y6aeLPJYD*odnJ zCVb;&>>2$Bmq_QTYek8y{oQOKi5&nZes?rg#4qB4M#X5pdC`>BOZ2SRu6 zi8SQmQ~8t0L#7pI?QKaR!|32GYn9>b-^i9q!@|LoH&#MeKm^AD)V8`*_B3dJBNtOT zoz#x*x+CaRHWyYT=vA_eN_nhM*41qh=0zI39j9rWZ^?kjj*$T(CSr>Th{*>rZJ_eE zhge0ZGg2?_ihrh(SDMYw)RJbZTw+vv*bq-2)YKQk1ozqp`q{9qJ_1WvL5bk87&h|{ z!*m2x0F5c`&w{@zOqffePx8ut!p0@-o~qKd<^t4I5SjtbqI9+3{-+nSJhrz86uy*c zFm@aM#iJRqXktsG0He|5&)ql`z!KOnvLyvfOesus2;KWE9NinN#nVteeasmR&TwM*jM#w*dKno2VolaEU%B z2Ut;l>RFz*SvaW_^S`r}Sm9x)V_xiB29|H}*qyfVs4JB*SllmtD%1;9Q-9P{hK-D~ zD{wqmwOXBwBm23enV9c#C)oDDeiXedsQG&pu;4?bHx{Mp7e>f~^tgvQ=lf{|EhT{2 z>ZD#ciOkyC^WJ0b6NF`d#-UsLD+ek!;r<$tdHYze$=RDd;^FN=Ys>M#%BI$;!!T$d z;*)bk67~;i7+id4ldOlfTIN)sR6Fi68V$~nu2WjAt2)LeM5t;xS6B*ZN63*$2C7sCl@c{G zi}nLBndf*mCFm-tOnD*XQ%Y1%;Bp!voZ$C-wJ<&~AutIB1uG5%0vZJX1Qed#<11LV saeq=X?k@maQ{3Q%7PbTw`F+&!l)_Xs{feSOY@1K?V+9VI0s{etpzCg}1ONa4 delta 4030 zcmV;v4?*y|AhRGMFoF;-0s#Xsf)D5h2`Yw2hW8Bt2LYgh57`8Q57jV&57Ch#Mt?3P zaKF^Dg*hF+6AOqA@v>0%vSR`R0K-rOf&|E|TkuVzMe0za$vB}^ltCEyHz2vQczELl zQE&Mt6@QlsrAlPR>rW_idwVwvyn`BMK!{PJ(%#w0Qf5+h>Ly)U+N?^l@(ca4MN9f} z`c74|jdDSHJ{axqTfuFtPUWP$kALNsGp{&Wlr@?Xcn(z$2cI4_Da0lxN(Th!f~0w( z%7f+Y5}k&cI8@YHM)HjNHq707hz`6FZPD{Wvv$c^enU}oYTyZ~q32z1$mx4M*n+r? z63H59H|DUZJVpz*C*1An)q0~j^(W622AC>J!}AgI17GMQ z{{%i0ut*r~7~0_K@2B>ifbUJ;=9{M=!~Y(y)f4%8@ItJOU-0F}@HlxvF(^T9rep;4 zEB2gQ2x;tX$SQdfHto0{J6%C*_jcQ_O01FqlA0XjJz&gGE9B zc;llQpu?Csw%o@T7?)}*h*L`yrYdOeJ;H#|Nt)nGs}v1}bA0#i;(tSk5zH+PA}B)* zPl#wbGGql5?)-S(ADmD_wWV}(!u9z#vP3z7XFA@Xu~Y@|9)p|*V7!QzA`&U$O$1{w*bxd zPEoglW-O))6Bu<#*?*uU0{2s!LzcSM0Nht>1fJr8KE=j-%O^xAqW@;te(0S)_}j_p z9h%xk+sZ`&4$j4sTyo^U-ZH3>dgfIzna6i%Ac&*Mro{=!_ZU0^dwJ@TgRC4XMZ@su^DUsiL>)!*$0&K zllM%@^(6x?O`tJ^{E+)wNkCdDvx!-Fdr&t&Ci1U+((S~=(QO+>z z7D~*2qAn$p7k@H}J@9YE#wXrMI5V2kf6{Vh>~yq`Af9hx`>EmPy`2KK05LSTnF7V6 zhxPtA@(&~aoOIQxb3p+XgR90SjVpsS_1rE&y{hS=SL2e;{g*{jK^FGYoT;`)>Csfe zU=z$4kd=_e4yfhC|7a=|ff7IL(So~zs8Fo2ndLCbet+nd==dQvgpcWP*k7$ZJ%RMAfxxEONB>u#ps?m4o35& z5stg{Gr~R5$Va&LeO}RM=Wj~o!HFZYWE_*4YhBRzlDV2WeC@s26siq^9(C&a$8|7a zOBXY2RDZ@k2#rs|0}x}Iy42EsS2@fTpCig<`%W~9rJqD8&pEG8V}V<#70`Z!ua$`* zg89AVPYz}ooA-e~spN0)P)y7niB`)NWKTj?7Jcv5nqZzA?8MV;)sW5WfwB zDC%1lh@#Go@6?RAF&LNQUP1zEif|5m-*NB(x4Wq1J0s{cU zP=JC7@Wc03J}d-KMsoLy!HoyKY2=PLFF%oVt5jxerwJZROoiA8l+lN|f?sYE3=kltZ{0jAv#e_M*XUz*>Ke&{dqCjUkTX4I zg%*41ra9#X0{}ee%dbhMqj}#B_s@NA@0bZv2&L0Rl#9pdAI$WP^K?==*c*GQXQtZJ znMbl0xY4vtY(KDfS-iQ%`SJJ)f9|(`oqQjKQ8Jh#JKc|1jUh6}tb-9zXW45qH`5OP zG=^dcEqul2XpV%6ufuF7rf7@G=_c%mB}>aNSeacJNFbUCv9CPYXOHN}j+?jCAOnab zK#PpaSDgPigh`ImB!BD`_6?uDP(IqV@hS_!5}fOG#89E&r{$_8vj;{fC!j2U`y|YK zMES9C;w)aX|3*xMgp{oAql733?)z!uepd=!fMXYVEUDD47v=F9=0dTPZdK&bkwD^l ze~)L4@u{Ih1fK@iS{+sFlNxqt(Bj`s?^_Ap%H(c{A3pX>!6iz37xTGt4xAcOHa)%2}!!PR`=)Zu2zLGerz)}BPTH{lc{y-!5Rc^+jF^9c%n#)aolvL8#V zmT<+}s8Pg1ZqSn2bM%SWKugxYGA#c9a+xmG$)^2q2RP%hY0zG|AdHLJvCDfEA!ed! zVjm?6v#EuubV1KaN>a|l;8;kURs-7Yob$6h{`Czj+-EfKQU8qnDzd62wpsxlisRoe zWU@bc@#7Jr+>FbFv?q>#N^p?>GUSr~2U{qzzQy^mMNy(Ql)y;wTT5XvE&m8Hq6?>B z{tkyGaX)-*n}m)paslq;=DeB1=B7p`X(^*Sl4BZ*Zxx?C-*kn-b_(a@?;5*FJ8yA|`Y`)lH^79ut0SfIqTc%F#vX!2UInqe4Y22<3T>c7 z9V4r8nl0Q_*wH;tUrAW!emR6Pm9}KecYyODPmp3ag0yo}gYZ~1So#k16#N*WZEh7q zVLoACT9Ai-vF1`_Qstq`_5>U~*nv+Ir|4y@Btv8>Q|=$^SNr92tAS`W$k7b6ha{MP zZ?ssA3p>&Y9#F_UCOTQ`BH8N1>R6@VP=9L%x~vJ<2jcdHNtqhQxmFh1)w}kjfGQH- z@s~`}0SwO*J=vBD+7M~%qPr#4V;CV5bA?hJ`+ewtHQwmyW=~6wrfoJ0TD}ngxx4R2 z_jCRq*SB*>-+EPyr@PAe0eyI^Pj40J&5S|H@Dkff-2$U|c!cVJy_5{@#3_ohm7-#C zqeOxNv!QS{=xM1>gABlr!;8oZ*1wg%wOGNqs_*bsGsIAZm1yl{JA^;t?Ku7Sc29g@ z%2aNDxkL?p3;YK9!8ds_-N!LGvlJKEj#7k9ZtSn6dX^^1()1KgQI|P0>_p5uOOl`+ z1_{)sSuiOlCge@5oFO=kHJ@ejFI=v4uNEQkspH1Bq?V z2#yTs6oM3&T0gj}c|MamTCV1~=KPlq(qgy(fr)~b?8}4t@}!CHsHRndyYR0XDWJQ5 z%r^VCn>bFXdhcwA7^FMLB1naJf3#<{ef|*UeJXRxf58)POsXAM5XXa4FBNW%YUfWUBj2-DhKLldbT1 zbKlY2p&VId)#-l31^$fZlV0acNgGsu|8qMH*60k_Lg>%2NQaN{oVR?Wur=mB3;(~= zUb|bWuQF$xOxrNm-o%dj3aws`J7hfr5JA=1X2yy0a0{Te+bIyX&BqzC%MUHjf$k@2 zFfr0fw;)6@&vrrh{&oU;?^+KrXeX=5Gm=!L(GkyU=0p}rVj-bYfqvwrJMNr+fA~g2 zR7E?L3A`dnpk8&)kb_eMtuim@LvOh2-@|eXofe|w)G{dmrXs66kz7&# zXSFV75-fe{Qqutwd$SkgH4;u|dUj|vsSHLI z@(|UT=LV-Xp0^Q=i?3SjF+y(RdBq=!arRl~=^wZeT6E*RFD?Xaw0WZ>R%JB&$Im6X z<@MT(F6VHqA9{Ob70&HLOtO8ib=nBaPXO%gmFwsOnB~)BzeBx!6%NgR?HP5ksR{p= zE0^SgT5JYvKcDlugef6>1~(&Vd4AKV`*KLqZkkH_mQoh`xziW}88UPvvMZ;z(s&cu za=Smo2exVquV+RZJ62t$UfOwvQ|%M4)EH>HCY&b0z90KYa-B&?XPmoUJ|IY|HK`#@Eo#lGLdI zr=J53tU6&LeUs4skYzS%Ru;IPMpk{s?o1=OP_L_?y9oIqt9n%(ZE<5%{!KvJ}^EoAutIB1uG5%0vZJX1QfcVlQT~9X#;dx5FYDg k -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCsuvJ9pjBqjrxI -+5TG2PTVRUob9Cx1uO3cUMzR01mxNodsSRdI3sq6Q2Nr+PenoT7edo8ujru8G79H -BfyUWBkNe3hJikCXzDV62cwavWtGjWIsOZHczJfj8ZrtObJ/uRpeGmbosY38zUwN -cGzT1vm2K67MPe2BazTI4JLxyGcJ0bZEZ0XGBMOup3Hqo2QOy7BaQMOTs20Ww3aB -64h7KAqaqNnblqUOtkLCUBdp6Lxa9oBXqS4Fg+C1eZqzuixLQgmWZs2ED+wl4FZD -DaIkN4gw4YTXhpxr82gauW3ro2sAYrJX63FqIzaj0rj/vqxYSy7fjzbsE1VPBxCH -yUuaHxUTAgMBAAECggEABaPlHy06D4CxrUBpz0RuWjh0/wyuFvn+6l7JEWDxYNQD -AAoy9HIx9HsW2AO9MoAVaXY9nquSfcX6LPuJD98AkmwhtWUKTuqgJG7QN19QDXG4 -bvFCTg9wNkVBZdWoens03TXHfnmtxT9+6EFvjEtMxCIRByJOixdRFe4fXj3I/40H -p6KjzscPhRqmapB5U/lWwteONoq1A4VBoqj1Qbe1NjmNGMhhXqj/d9f6B0DPGqIA -nIDubb1B3YNdbxE8LbY1YiQZEtjjA2uIyW0tRjZyhVVtNwSm814fyjVPp2oRpK43 -2OVBLbHZlxY5sFZwU71lWSyEAHhOL5yY1HORKUyCIQKBgQDwR8POilccu1fczDX7 -7jTHvknrtc5Pm689hOz+iZz8oib5MNHM57YMQJNauAHcUUDc8PEBrU44kJda7zVU -8jVgeV0kvZcmDM4AGrmbBSGLhcmyqJC4wKF20K3rVFFo5exlpTDU7dwnPkMbHeGQ -LmPzk+5BKQa81Mq+cObdJs/LpwKBgQC4B9kf+cex77OluKN9mz8D3MOEWycztDpd -XVeM+RV4cjIMaQl91GovtQDwdy9TbKCsq+sFvqWsmQNkUlDGP2c0y4PFnJt7ahzW -wqZ8bZgNcTNE+KqHUMEOcDGRVoQf65XRWZhjq0mJyCewPMOrdFgHTzva2QYOrZTK -jBIWx84otQKBgQCDjidM7D1pw8EFaOGdv/wx6KO8ZFxDBfBadG71pg7H21gPU4Vq -9OqdprWHE/wgznP/BARQcLzFB5V2+kVu7vX+jjRLK2qYMKaRNBCvKY4GQAgAw34J -SZ6d2P+AOzgfgNN/i4RC8MB61AIV1LRtJpkfAb2O+5Fuzer7fgFI0DkxPQKBgAdq -gYxxU2PPRg0KmMQKCosMTXC6/6RsweFbTpjmvL/C0lN/tBs3ASR1Bdmq4+RXv03W -C72KhkCjVeioDItAqNcO0HuZKQbbKthYtb7T58m64xcHck/LqEv9p3G069QheUMb -ejGiCG+d+kN232e8Y4O/5KiYEE9tHU7gQCZc3Oj1AoGBAI2QyoAJlM0jREsEft7c -L+5kcV+VulyMYEFycSy6KziUKxVh+VMk5Eo6UhXo6m4x37tg/D8uK/tkeJdWw00N -dXLsUcDEacZyF8UfRsrscmiBURu0+9S/5+ncSX6s18HHGL7n2io+PX/ie2neO7q1 -fj50Aj03dg1TrgMTx2g6e85Y +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCTB30nMh0hczIk +vWJo7Omg7cAHhz50NBhLB7u+60oXRGCya4SqssqqxNnNqNQQP9MmflW2q/bZepWn +8Rk23X6CLmoIUlrj8BMPkUCRqzgvlaWPSNAK5QcOp6GUvXTuX4EsaWxJhbs9Ujz2 ++qi137iNOqfAx1sUygah1kjALrqHkXDqJGvIfxU5ES0akBi/lB7A3WpE52KTioSF +JS5Kbnpj1ogffGNKyAiNqU61LcF1FjWmINat2z3ZMk/3Xm+HCDg/GLPnbh4E1KoE +10O22AMys6YGEyPvgRfrTF13DsDX52PmmUHbkSB6kwS/CeV5Uu++8b6T2IWpPyZ2 ++5ptmL+tAgMBAAECggEBAIUplzRUswWEq7mSvPqC9+YE7pLi7rGYLRhnXKdBuszv +5RQzROjFHcEkoI8fhVFiPP70FPVpMh0uZTTBrDCA0v9cwjPfQuqGmPzUdUJ5bF3M +jzICpEn5vDaNpE5ueOUcIoXyxVyhfj+/p++YfgybHy7qHN0AsYFWqEMTLLjCmbYF +pZozbAcGQoAR8PSfwuvgusuEezrhYertHsdFwlfZhDtJvnm/4YKRUVEBzuaaA7B9 +sUhnQFS8ScqiUbkAGdjfY9wOYRHnQgjtqiP8poIzLkqCNSoVctgh5Pdv4jp4HO90 +J5QC+f7m7rOoWUw8EYbRo/4C4Mckh0GQQ+oP4xzrtZECgYEA3DYALFgOEY+0RR1K +61HAKqdNy1YbeuidpCBEJEwmIbzdgO1DcJdNznbfdRlmS7VB9orwRfNbf7Hxm2w/ +/xn9USENXWx7fvDoISqSDegvEsBSq5hSEMVl3f7CfQZrYl1f6gxfe7L/jtmbn0eQ +avsr9RaUCWP794DEXKuA9pC8hVsCgYEAquy5I4hO4jNBQ6v5+omjsEgk4513/RNs +f47Md8bsDHKJMbCMKCdqM1D3J1xbgV3DgSv0yNlKdU2wenWdgQAyBtz18NBgno85 +YNanFhp1CymgLFHdLJHSOqAkzutSuCNnGTT6AKspOQvy+cuj7XsnbsxtYK3Cgw5h +Mom3RnUy9ZcCgYAnForHVEYDBgAYuI9g39z9dT8Q1dMA6SN6S6Ps0Xt/R5gF15e9 +941/FYiqr3yB+cWgrp7hu8XFD9/0F63waTuW2AgYSjZNnROHN5g/UbRxXqQOA3al +tXRUiHEbYjVTe4GX+ORF/8rvH19JUZmn87ekxII4fH/wOfIhBOxaV+yuuwKBgHtz +5Tizz/3y9TWSdkgtt6uwP+yipLKGn/v1wNrWM1G+PDdGg8TQyxTrasfkHjdu6LFY +dUHIJ85X4ZphbvRolrl8SKq5Zr+/RLsb7qy5SUZZt1Wrfysc25H6bvuA3ksfTuzW +5acr+Oc6KTGgkvMI229cebe1aONNtIhTDav3JGpbAoGAX5DQvNreqnP8qSAvUN2I +TAHXIzawR3f6vgGgVIdkHkiS2eKzs/fgP3VAK80TbrGSR8HvBcPEcR/icOn1u/e6 +tDp0j6mGt5aPKK9VQkBn94bW35T12FUbdB+L8FWWTUrfiVWJtEW8tEsKil5ac8U4 +Bn3vC5WUeKhW6v6kD4AigqE= -----END PRIVATE KEY----- diff --git a/src/main/resources/clds/aaf/ssl/clamp.pem b/src/main/resources/clds/aaf/ssl/clamp.pem index 22f4541a..a01b587a 100644 --- a/src/main/resources/clds/aaf/ssl/clamp.pem +++ b/src/main/resources/clds/aaf/ssl/clamp.pem @@ -1,32 +1,33 @@ Bag Attributes friendlyName: clamp@clamp.onap.org - localKeyID: 54 69 6D 65 20 31 35 37 31 30 36 38 34 31 31 38 30 37 + localKeyID: 54 69 6D 65 20 31 35 38 30 38 32 39 30 36 35 34 37 39 subject=CN = clamp, emailAddress = mark.d.manager@people.osaaf.com, OU = clamp@clamp.onap.org:DEV, OU = OSAAF, O = ONAP, C = US issuer=C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9 -----BEGIN CERTIFICATE----- -MIIETDCCAzSgAwIBAgIIGF6ukzqwlGIwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE +MIIEWDCCA0CgAwIBAgIILw1zyDGqB5IwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp -bnRlcm1lZGlhdGVDQV85MB4XDTE5MTAxNDE1NTM0MVoXDTIwMTAxNDE1NTM0MVow +bnRlcm1lZGlhdGVDQV85MB4XDTIwMDIwNDEyMjM1MloXDTIxMDIwNDEyMjM1Mlow gY8xDjAMBgNVBAMMBWNsYW1wMS4wLAYJKoZIhvcNAQkBFh9tYXJrLmQubWFuYWdl ckBwZW9wbGUub3NhYWYuY29tMSEwHwYDVQQLDBhjbGFtcEBjbGFtcC5vbmFwLm9y ZzpERVYxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJV -UzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKy68n2mMGqOvEj7lMbY -9NVFShv0LHW47dxQzNHTWbE2h2xJF0jeyrpDY2v496ehPt52jy6Ou7wbv0cF/JRY -GQ17eEmKQJfMNXrZzBq9a0aNYiw5kdzMl+Pxmu05sn+5Gl4aZuixjfzNTA1wbNPW -+bYrrsw97YFrNMjgkvHIZwnRtkRnRcYEw66nceqjZA7LsFpAw5OzbRbDdoHriHso -Cpqo2duWpQ62QsJQF2novFr2gFepLgWD4LV5mrO6LEtCCZZmzYQP7CXgVkMNoiQ3 -iDDhhNeGnGvzaBq5beujawBislfrcWojNqPSuP++rFhLLt+PNuwTVU8HEIfJS5of -FRMCAwEAAaOB8jCB7zAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIF4DAgBgNVHSUB +UzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJMHfScyHSFzMiS9Ymjs +6aDtwAeHPnQ0GEsHu77rShdEYLJrhKqyyqrE2c2o1BA/0yZ+Vbar9tl6lafxGTbd +foIuaghSWuPwEw+RQJGrOC+VpY9I0ArlBw6noZS9dO5fgSxpbEmFuz1SPPb6qLXf +uI06p8DHWxTKBqHWSMAuuoeRcOoka8h/FTkRLRqQGL+UHsDdakTnYpOKhIUlLkpu +emPWiB98Y0rICI2pTrUtwXUWNaYg1q3bPdkyT/deb4cIOD8Ys+duHgTUqgTXQ7bY +AzKzpgYTI++BF+tMXXcOwNfnY+aZQduRIHqTBL8J5XlS777xvpPYhak/Jnb7mm2Y +v60CAwEAAaOB/jCB+zAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIF4DAgBgNVHSUB Af8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVAYDVR0jBE0wS4AUgfeZWxC5yIze 81Je6k5poEM+rN2hMKQuMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQ -MQswCQYDVQQGEwJVU4IBBzAdBgNVHQ4EFgQUicMoQoxguo6qFb7YZ2gZn8X0BV4w -OwYDVR0RBDQwMoIFY2xhbXCCHWNsYW1wLmFwaS5zaW1wbGVkZW1vLm9uYXAub3Jn -ggpjbGFtcC5vbmFwMA0GCSqGSIb3DQEBCwUAA4IBAQCMDZrqzL/orHH3WoLKj/JJ -+QOt89CTYJqX5rS2TbQgX/JdjXJzJsmY21dTHxg0+AdRmAUATHBFAOg/nLEfDUOh -NX0+OshoaTYjrI2ZH4j24UsoXzGffpjqPbLMZJ1uzxy4qTTvzeJJM1NsfKD4Er0B -KDgN66pzywJrxOXkTQZpmkgGeB9FwmBoLFKP2XJjXXT9c9Wol8ttrSqu/sy5e6/Y -SZLco8lXx0isxGgG5PfF9WSuikFRlC5LCmcSn9EfxQIOeGjzJQpuB8yqN/ojE8wY -ZBhaUM/+NETQNzsh4dZxq7ErSknND60NYit8rz9lWDDrNNKVF+8iFpoTb17V8e3C +MQswCQYDVQQGEwJVU4IBBzAdBgNVHQ4EFgQUzfIed+18wgFs7E6q0b6BbMICtfsw +RwYDVR0RBEAwPoIFY2xhbXCCCmNsYW1wLW9uYXCCHWNsYW1wLmFwaS5zaW1wbGVk +ZW1vLm9uYXAub3JnggpjbGFtcC5vbmFwMA0GCSqGSIb3DQEBCwUAA4IBAQBizhsW +XrJ9wQy3PrBxgh90sOF15tayXPRZSFYPoQb5LhRh3IY/PvXLaSHlkgPHlCLLx36S +0/DiVf86/83ABvyaq9gJIyg/m4ntNae23OKH1AkA1aN+JCKA8yhsAzDBcRF6Aj7E +VJ+vQlSzz5oh+efP1e/8DUMd1/WwbTXvRd0Iqv/fyZunbjb82qNMrsK1mQ2q+87A +0jx9u1EdeMihP6vWiuKzlwy4mKoNT573SPpvaOkjX3yDlmf2CTQZ9vdAvjmFmVsH +1wyrNZOIgW4VjluiZfAk3mOEskrZiP/7aUXnxmNnYTpgZMbhiouLbRrTc4lLEyhx +G7A61/KGTsLZlvxb -----END CERTIFICATE----- -- 2.16.6