I dont know if MultiCloud/MultiVIM might be able to proxy non-client certificate to client certificate for you ?
Brian From: FREEMAN, BRIAN D Sent: Thursday, April 18, 2019 9:20 AM To: [email protected]; [email protected] Subject: RE: [onap-discuss] cloud register (openstack) with certificate I dont think we support client certificates in the openstack interface in robot today. I also dont think SO supports client certifficates to openstack and that is the bigger issue. WRT Robot, Two options: 1. Comment out the Openstack Keyword and set the variables that it would have gotten by hand and then let the init_customer proceed for you with that data. * As an aside – everything robot does can be done via postman to AAI for init_customer – look for the postman collections in the integration repo 2. Modify robot to support client certificates Commenting out the Openstack calls in robot and setting the variables within the modified robot script is easiest. It might not be that hard to add client certificates but it will be more tedious. You may need to remove the keystone line in runTags.sh so you can see the keystone details in the log.html on nodeport 30209. Remove this line for debugging: VARIABLES="--removekeywords name:keystone_interface.*" The keystone_interface.robot and openstack_common.robot files have the Get / Post / Delete operations for openstack so that is a place to start to look for a change (kubectl -n onap exec -it <robot pod> bash) or edit a git clone and kubectl -n onap cp <robotpod>:/var/opt/ONAP/robot .... the file into the robot container from your VM. I think you want to “experiment” by modifying the Keyword that is creating the session to Openstack to use the “Add Client Cert” Keyword from the RequestClientCert library. But the bigger issue will be that SO doesnt support openstack client certificates either. Brian From: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> On Behalf Of [email protected]<mailto:[email protected]> Sent: Thursday, April 18, 2019 4:44 AM To: [email protected]<mailto:[email protected]> Subject: [onap-discuss] cloud register (openstack) with certificate hi all, My openstack service was migrated and now i need a certificate to use the API. So, when i try to run "init_customer" it will fail (file attached). Is there a way to pass the certificate?? Best regards Pedro -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#16625): https://lists.onap.org/g/onap-discuss/message/16625 Mute This Topic: https://lists.onap.org/mt/31221655/21656 Group Owner: [email protected] Unsubscribe: https://lists.onap.org/g/onap-discuss/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
