1 Introduction
This document provides information about how to configure the services and manageable objects in OCCM using Representational State Transfer Application Program Interfaces (REST APIs).
1.1 Overview
OCCM integrates with the Certificate Authority(s) using Certificate Management Protocol Version 2 (CMPv2) and RFC4210 to facilitate these certificate management operations:
- Operator-initiated certificate creation
- Operator-initiated certificate recreation
- Automatic certificate monitoring and renewal
Figure 1-1 OCCM Integration with CA
OCCM supports transport of CMPv2 messages using HTTP-based protocol.
OCCM provides the following mechanisms to establish initial trust between OCCM and
CA(s):
- Certificate-based message signing
- Pre-shared key or MAC based authentication
All the subsequent CMPv2 procedures are authenticated using the certificate-based mechanism in compliance with 3GPP TS 33.310.
The keys and X.509 certificates are managed using Kubernetes secrets.
1.2 Reference
Refer to the following documents for more information:
- Oracle Communications Cloud Native Core, Certificate Management User Guide
- Oracle Communications Cloud Native Core, Certificate Management Installation, Upgrade, and Fault Recovery Guide
- Oracle Communications Cloud Native Core, Certificate Management Troubleshooting Guide
- Oracle Communications Cloud Native Core, Certificate Management Network Impact Report