Add validation of recieved message and refactor code
Signed-off-by: Aleksandra Maciaga <aleksandra.maciaga@nokia.com>
Issue-ID: AAF-997
Change-Id: Idea7fba7cf33ff605c9f0980f82066b19559d29b
diff --git a/plans/aaf/certservice/cmpServers.json b/plans/aaf/certservice/cmpServers.json
index f461edc..d6557c5 100644
--- a/plans/aaf/certservice/cmpServers.json
+++ b/plans/aaf/certservice/cmpServers.json
@@ -1,23 +1,23 @@
{
"cmpv2Servers": [
{
- "caName": "TEST",
- "url": "http://127.0.0.1/ejbca/publicweb/cmp/cmp",
+ "caName": "Client",
+ "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmp",
"issuerDN": "CN=ManagementCA",
"caMode": "CLIENT",
"authentication": {
- "iak": "xxx",
- "rv": "yyy"
+ "iak": "mypassword",
+ "rv": "mypassword"
}
},
{
- "caName": "TEST2",
- "url": "http://127.0.0.1/ejbca/publicweb/cmp/cmpRA",
- "issuerDN": "CN=ManagementCA2",
+ "caName": "RA",
+ "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmpRA",
+ "issuerDN": "CN=ManagementCA",
"caMode": "RA",
"authentication": {
- "iak": "xxx",
- "rv": "yyy"
+ "iak": "mypassword",
+ "rv": "mypassword"
}
}
]
diff --git a/plans/aaf/certservice/docker-compose.yml b/plans/aaf/certservice/docker-compose.yml
index 83aff56..384158a 100644
--- a/plans/aaf/certservice/docker-compose.yml
+++ b/plans/aaf/certservice/docker-compose.yml
@@ -2,7 +2,7 @@
services:
ejbca:
- image: primekey/ejbca-ce
+ image: primekey/ejbca-ce:6.15.2.5
hostname: cahostname
container_name: aafcert-ejbca
ports:
diff --git a/plans/aaf/certservice/scripts/ejbca-configuration.sh b/plans/aaf/certservice/scripts/ejbca-configuration.sh
index cdff77d..7ec1fa3 100755
--- a/plans/aaf/certservice/scripts/ejbca-configuration.sh
+++ b/plans/aaf/certservice/scripts/ejbca-configuration.sh
@@ -8,9 +8,11 @@
ejbca.sh config cmp addalias --alias cmpRA
ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra
ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value mypassword
+ ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value pbe
ejbca.sh config cmp dumpalias --alias cmpRA
ejbca.sh config cmp addalias --alias cmp
ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true
+ ejbca.sh config cmp updatealias --alias cmp --key responseprotection --value pbe
ejbca.sh ra addendentity --username Node123 --dn "CN=Node123" --caname ManagementCA --password mypassword --type 1 --token USERGENERATED
ejbca.sh ra setclearpwd --username Node123 --password mypassword
ejbca.sh config cmp updatealias --alias cmp --key extractusernamecomponent --value CN
@@ -18,5 +20,5 @@
ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout > cacert.pem
}
-waitForEjbcaStartUp 30
+waitForEjbcaStartUp 45
configureEjbca
diff --git a/plans/aaf/certservice/setup.sh b/plans/aaf/certservice/setup.sh
index 17a278d..dde516a 100644
--- a/plans/aaf/certservice/setup.sh
+++ b/plans/aaf/certservice/setup.sh
@@ -57,5 +57,5 @@
export AAFCERT_IP=${AAFCERT_IP}
# Wait container ready
-sleep 10
+sleep 15