OOM Certification Service Release Notes¶
Version: 2.4.0¶
Abstract¶
This document provides the release notes for the Istanbul release.
Summary¶
Certificate update use case is now available. For details go to: How to use instructions
Release Data¶
Project |
OOM |
Docker images |
|
Release designation |
Istanbul |
New features¶
OOM-2754 Implement certificate update in CMPv2 external issuer
OOM-2753 Implement certificate update in CMPv2 CertService
OOM-2744 Remove CertService Client mechanism from ONAP
OOM-2649 Update contrib/ejbca to 7.x
Bug fixes
OOM-2771 Fix CertificateRequest resource was not found issue in CMPv2 external issuer
OOM-2764 Fix sonar issues in CertService
Known Issues
If Cert-Manager was down for some time and did not trigger certificate update on time, then updating an outdated certificate may require manual actions. The required actions are described in Troubleshooting section
Deliverables¶
Software Deliverables¶
Docker images mentioned in Release Date section.
Documentation Deliverables¶
Known Limitations, Issues and Workarounds¶
System Limitations¶
Any known system limitations.
Known Vulnerabilities¶
Any known vulnerabilities.
Workarounds¶
Any known workarounds.
Test Results¶
Not applicable
References¶
For more information on the ONAP Istanbul release, please see:
Version: 2.3.3¶
Abstract¶
This document provides the release notes for the Honolulu release.
Summary¶
Certification Service provides certificates signed by external CMPv2 server - such certificates are further called operators certificates. Operators certificates are meant to secure external ONAP traffic - traffic between network functions (xNFs) and ONAP.
This project was moved from Application Authorization Framework (AAF), to check previous release notes see, AAF CertService release notes .
Release Data¶
Project |
OOM |
Docker images |
|
Release designation |
Honolulu |
New features¶
OOM-2560 Integrated CMPv2 certificate provider with Cert-Manager
An CMPv2 certificate provider is a part of PKI infrastructure. It consumes CertificateRequest custom resource from Cert-Manager and calls CertService API to enroll certificate from CMPv2 server. During ONAP deployment, the CMPv2 certificate provider is enabled when flags cmpv2Enabled, CMPv2CertManagerIntegration and platform.enabled equals true.
More information can be found on dedicated wiki page
OOM-2632 Extended CertService API and clients to correctly support SANs parameters such as: e-mails, URIs and IP addresses.
Bug fixes
OOM-2656 Adjusted CertService API to RFC4210 - changed MAC protection algorithm and number of iteration for such algorithm.
OOM-2657 Enhanced CertServiceAPI response in order to include CMP server error messages.
OOM-2658 Fixed KeyUsage extension sent to CMPv2 server
Known Issues
None
Deliverables¶
Software Deliverables¶
Docker images mentioned in Release Date section.
Documentation Deliverables¶
Known Limitations, Issues and Workarounds¶
System Limitations¶
Any known system limitations.
Known Vulnerabilities¶
Any known vulnerabilities.
Workarounds¶
Any known workarounds.
Test Results¶
Not applicable
References¶
For more information on the ONAP Honolulu release, please see: