Hi Soumya, I tried to undigest the AAI keystore encrypted password and that didn't work for me as well.
$ java -jar aaf-cadi-core-2.1.15.jar undigest enc:XXX aaf/components/aai-resources/resources/config/aaf/org.onap.aai.keyfile Regards Vivek On Tue, Sep 29, 2020 at 1:20 AM Vivekanandan Muthukrishnan via lists.onap.org <[email protected]> wrote: > Hi Soumya, > > It seems like Jimmy is out of office. > > Could you please help us to regenerate Elalto AAI certificates or point us > to the steps to update the AAI expired certificates? > > I guess it is the same issue even with the AAI master branch as well. > Please advise us how to proceed. > > Regards > Vivek > > On Tue, Sep 29, 2020 at 12:37 AM Vivekanandan Muthukrishnan < > [email protected]> wrote: > >> Hi Jimmy, >> >> Could you please point us to the steps or documentation to replace AAI >> certificates. >> >> We cannot use our Elalto deployment due to AAI certificates that expired >> on *Sep 27 19:34:54 2020 GMT.* >> >> Regards >> Vivek >> >> >> On Mon, Sep 28, 2020 at 10:32 PM Vivekanandan Muthukrishnan via >> lists.onap.org <[email protected]> wrote: >> >>> Dear AAI team, >>> >>> The Elalto version of AAI certificate expired on *Sep 27 19:34:54 2020 >>> GMT* >>> >>> It seems like AAI is obfuscating the password as shown below. >>> >>> >>> *components/aai-resources/values.yaml: keyStorePassword: >>> OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10* >>> >>> I was referring to the hardcoded password list to >>> https://wiki.onap.org/display/DW/OOM+Hardcoded+Passwords+List >>> >>> The *onapSecret *& *changeit* did not work. >>> >>> I would appreciate any references to AAI keystore password and key file >>> password. >>> >>> Regards >>> Vivek >>> >>> *# Log snipped for your reference* >>> *# AAI SSL certificate issue* >>> >>> export SERVER_IP=10.43.146.9 >>> export SERVER_PORT=8443 >>> echo | openssl s_client -showcerts \ >>> -servername gnupg.org \ >>> -connect ${SERVER_IP}:${SERVER_PORT} 2>/dev/null \ >>> | openssl x509 -inform pem -noout -text >>> >>> Certificate: >>> Data: >>> Version: 3 (0x2) >>> Serial Number: 2781022223073201926 (0x26982cfa36becf06) >>> Signature Algorithm: sha256WithRSAEncryption >>> Issuer: C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9 >>> Validity >>> Not Before: Sep 27 19:34:54 2019 GMT >>> Not After : Sep 27 19:34:54 2020 GMT >>> >>> > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#22204): https://lists.onap.org/g/onap-discuss/message/22204 Mute This Topic: https://lists.onap.org/mt/77178744/21656 Group Owner: [email protected] Unsubscribe: https://lists.onap.org/g/onap-discuss/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
