diff options
author | Marri Devender Rao <devenrao@in.ibm.com> | 2018-10-09 15:53:30 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-11-20 07:02:52 +0300 |
commit | 09a8ceb9a797f7d531fcca5dfd072363bc8753b9 (patch) | |
tree | 1e1a357c770a86ed8dd42a1f02a2fc3763c5f8ab | |
parent | 4227626f7cc6113613e5495b828ae6b486c03da6 (diff) | |
download | openbmc-09a8ceb9a797f7d531fcca5dfd072363bc8753b9.tar.xz |
phosphor-certificate-manager: Add new nslcd authority certificate service
Added new service to install CA certificate
To start/stop service use commands
systemctl start phosphor-certificate-manager@authority.service
systemctl status phosphor-certificate-manager@authority.service
Tested:
2$ curl -c cjar -b cjar -k -H "Content-Type: application/octet-stream" -X
PUT -T cert.pem https://$BMC_IP//xyz/openbmc_project/certs/authority/ldap
{
"data": null,
"message": "200 OK",
"status": "ok"
}
root@witherspoon-w5:/tmp# systemctl stop phosphor-certificate-manager@authority.service
root@witherspoon-w5:/tmp#
root@witherspoon-w5:/tmp# systemctl start phosphor-certificate-manager@authority.service
root@witherspoon-w5:/tmp#
(From meta-phosphor rev: 139b373080872a96f7c64dfdc46807ed993daff0)
Change-Id: I993f1d7db13212f04022fd562ea058f389b26da9
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
2 files changed, 24 insertions, 0 deletions
diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-authority-cert-config.bb b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-authority-cert-config.bb new file mode 100644 index 000000000..4e240ad38 --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-authority-cert-config.bb @@ -0,0 +1,15 @@ +SUMMARY = "Phosphor certificate manager configuration for an nslcd authority service" + +PR = "r1" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${PHOSPHORBASE}/LICENSE;md5=19407077e42b1ba3d653da313f1f5b4e" + +RRECOMMENDS_${PN} = "phosphor-certificate-manager" + +inherit allarch +inherit obmc-phosphor-systemd + +SYSTEMD_SERVICE_${PN} = "" +SYSTEMD_ENVIRONMENT_FILE_${PN} = "obmc/cert/authority" +SYSTEMD_LINK_${PN} = "../phosphor-certificate-manager@.service:${SYSTEMD_DEFAULT_TARGET}.wants/phosphor-certificate-manager@authority.service" diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-authority-cert-config/obmc/cert/authority b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-authority-cert-config/obmc/cert/authority new file mode 100644 index 000000000..849d695b5 --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-authority-cert-config/obmc/cert/authority @@ -0,0 +1,9 @@ +#REST URI endpoint +#example: /xyz/openbmc_project/certs/authority/ldap +ENDPOINT=ldap + +#Path for the certificate file +CERTPATH=/etc/ssl/certs/Root-CA.pem + +#Type of service +TYPE=authority |