Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

This page contains information about the default certs in Policy Agent and SDNC-A1 controller, as well as how to update/replace them using docker.

SDNC-A1 Controller

The SDNC-A1 controller uses the default keystore and truststore that are built into the container.

The paths and passwords for these stores are located in a properties file:
              nonrtric/sdnc-a1-controller/oam/installation/src/main/properties/https-props.properties

The default truststore includes the a1simulator cert as a trusted cert which is located here:
https://gerrit.o-ran-sc.org/r/gitweb?p=sim/a1-interface.git;a=tree;f=near-rt-ric-simulator/certificate;h=172c1e5aacd52d760e4416288dc5648a5817ce65;hb=HEAD

The default keystore, truststore, and https-props.properties files can be overridden by mounting new files using the "volumes" field of docker-compose. Uncommment the following lines in docker-compose to do this, and provide paths to the new files:

#volumes:
#        - <path_to_keystore>:/etc/ssl/certs/java/keystore.jks:ro
#        - <path_to_truststore>:/etc/ssl/certs/java/truststore.jks:ro
#        - <path_to_https-props>:/opt/onap/sdnc/data/properties/https-props.properties:ro

The target paths in the container should not be modified.

For example, assuming that the keystore, truststore, and https-props.properties files are located in the same directory as docker-compose:

volumes:
        - ./new_keystore.jks:/etc/ssl/certs/java/keystore.jks:ro

        - ./new_truststore.jks:/etc/ssl/certs/java/truststore.jks:ro

        - ./new_https-props.properties:/opt/onap/sdnc/data/properties/https-props.properties:ro



  • No labels