Create Private Key and Certificates to Enable OAuth
- Auth token generator, OCNRF provides its public key to NSSF.
- User must create kubernetes secret to store NRF public key.
There can be multiple NRF public keys.
File Name or key (this key is of map) of Public Key must be in the following format:
"{nrfInstanceId}_{SigningAlgorithm}.pem
"where
nrfInstanceId
is Instance Id of NRF.SigningAlgorithm
can have following values:ES256: ECDSA using P-256 and SHA-256 ES384: ECDSA using P-384 and SHA-384 ES512: ECDSA using P-521 and SHA-512 RS256: RSASSA-PKCS-v1_5 using SHA-256 RS384: RSASSA-PKCS-v1_5 using SHA-384 RS512: RSASSA-PKCS-v1_5 using SHA-512 PS256: RSASSA-PSS using SHA-256 and MGF1 with SHA-256 PS384: RSASSA-PSS using SHA-384 and MGF1 with SHA-384 PS512: RSASSA-PSS using SHA-512 and MGF1 with SHA-512
- Generate secret out of the keys and certificates by executing
the following command:
kubectl create secret generic <Secret_Name> --from-file={nrfInstanceId}_{SigningAlgorithm}.pem-n <NameSpace>
Example:
kubectl create secret generic nrfpublickeysecret --from-file=fe7d992b-0541-4c7d-ab84-c6d70b1b01b1_RS256.pem-n ocnssf