1 Introduction

This document provides information about how to configure the services and manageable objects in OCCM using Representational State Transfer Application Program Interfaces (REST APIs).

1.1 Overview

OCCM integrates with the Certificate Authority(s) using Certificate Management Protocol Version 2 (CMPv2) and RFC4210 to facilitate these certificate management operations:

  • Operator-initiated certificate creation
  • Operator-initiated certificate recreation
  • Automatic certificate monitoring and renewal

Figure 1-1 OCCM Integration with CA


CMPv2 Message Authentication

OCCM supports transport of CMPv2 messages using HTTP-based protocol.

OCCM provides the following mechanisms to establish initial trust between OCCM and CA(s):
  1. Certificate-based message signing
  2. Pre-shared key or MAC based authentication

All the subsequent CMPv2 procedures are authenticated using the certificate-based mechanism in compliance with 3GPP TS 33.310.

The keys and X.509 certificates are managed using Kubernetes secrets.

1.2 Reference

Refer to the following documents for more information:
  • Oracle Communications Cloud Native Core, Certificate Management User Guide
  • Oracle Communications Cloud Native Core, Certificate Management Installation, Upgrade, and Fault Recovery Guide
  • Oracle Communications Cloud Native Core, Certificate Management Troubleshooting Guide
  • Oracle Communications Cloud Native Core, Certificate Management Network Impact Report