1. Network Slice Selection Function (NSSF) Cloud Native Installation Guide
  2. Installing NSSF
  3. NSSF Pre-deployment Configuration
  4. Create Private Key and Certificates to Enable OAuth

Create Private Key and Certificates to Enable OAuth

  1. Auth token generator, OCNRF provides its public key to NSSF.
  2. User must create kubernetes secret to store NRF public key.

    There can be multiple NRF public keys.

    File Name or key (this key is of map) of Public Key must be in the following format:

    "{nrfInstanceId}_{SigningAlgorithm}.pem"

    where nrfInstanceIdis Instance Id of NRF.

    SigningAlgorithm can have following values: 

    ES256: ECDSA using P-256 and SHA-256
ES384: ECDSA using P-384 and SHA-384
ES512: ECDSA using P-521 and SHA-512
RS256: RSASSA-PKCS-v1_5 using SHA-256
RS384: RSASSA-PKCS-v1_5 using SHA-384
RS512: RSASSA-PKCS-v1_5 using SHA-512
PS256: RSASSA-PSS using SHA-256 and MGF1 with SHA-256
PS384: RSASSA-PSS using SHA-384 and MGF1 with SHA-384
PS512: RSASSA-PSS using SHA-512 and MGF1 with SHA-512
  3. Generate secret out of the keys and certificates by executing the following command:

    kubectl create secret generic <Secret_Name> --from-file={nrfInstanceId}_{SigningAlgorithm}.pem-n <NameSpace>

    Example:

    kubectl create secret generic nrfpublickeysecret --from-file=fe7d992b-0541-4c7d-ab84-c6d70b1b01b1_RS256.pem-n ocnssf