diff options
| author | Marri Devender Rao <devenrao@in.ibm.com> | 2019-05-17 08:34:37 -0500 |
|---|---|---|
| committer | Ed Tanous <ed.tanous@intel.com> | 2019-08-16 18:08:23 +0000 |
| commit | cfcd5f6bd9289c97e25d809068e579f7f3d45aeb (patch) | |
| tree | 43f6a35518bd7f23ad249f725c8426594cf63088 /redfish-core/include | |
| parent | 3b7f0149959f976ab18ecb5b510c505f2f1f3c94 (diff) | |
| download | bmcweb-cfcd5f6bd9289c97e25d809068e579f7f3d45aeb.tar.gz bmcweb-cfcd5f6bd9289c97e25d809068e579f7f3d45aeb.zip | |
Redfish: Add TrustStore certificate support
1) Implements CertificateCollection schema to upload
CA certificates and to list existing CA certificates
2) Modified CertificateLocatons schema to list CA
certificates
3) Modified ReplaceCertificate action of CertificateService
schema to cater for replacing existing CA certificate
Tested:
1) No validation failure
2) Truststore CertificateCollection
curl -k -H "X-Auth-Token: $bmc_token" -X GET
https://${bmc}/redfish/v1/Managers/bmc/Truststore/Certificates/
{
"@odata.context":
"/redfish/v1/$metadata#CertificateCollection.CertificateCollection",
"@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates/",
"@odata.type": "#CertificateCollection.CertificateCollection",
"Description": "A Collection of TrustStore certificate instances",
"Members": [],
"Members@odata.count": 0,
"Name": "TrustStore Certificates Collection"
}
3) Upload certificate
curl -c cjar -b cjar -k -H "X-Auth-Token: $bmc_token" -H "Content-Type:
application/octet-stream" -X POST -T cert.pem
https://${bmc}/redfish/v1/Managers/bmc/Truststore/Certificates
{
"@odata.context": "/redfish/v1/$metadata#Certificate.Certificate",
"@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates/1",
"@odata.type": "#Certificate.v1_0_0.Certificate",
"CertificateString": ----\n",
"Id": "1",
"Issuer": {
"CommonName": "localhost",
"Organization": "openbmc-project.xyz"
},
}
4) Certificate Locations
curl -k -H "X-Auth-Token: $bmc_token" -X GET
https://${bmc}/redfish/v1/CertificateService/CertificateLocations/
{
"@odata.context":
"/redfish/v1/$metadata#CertificateLocations.CertificateLocations",
"@odata.id": "/redfish/v1/CertificateService/CertificateLocations",
"@odata.type": "#CertificateLocations.v1_0_0.CertificateLocations",
"Description": "Defines a resource that an administrator can use in order
tolocate all certificates installed on a given service",
"Id": "CertificateLocations",
"Links": {
"Certificates": [
{
"@odata.id":
"/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1"
},
{
"@odata.id": "/redfish/v1/AccountService/LDAP/Certificates/1"
},
{
"@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates/1"
}
],
"Certificates@odata.count": 3
},
"Name": "Certificate Locations"
}
5)Replace certificate
curl -c cjar -b cjar -k -H "X-Auth-Token: $bmc_token" -X POST
https://${bmc}/redfish/v1/CertificateService/Actions/Certificateervice.ReplaceCertificate/
-d @data_auth.json
{
"@odata.context": "/redfish/v1/$metadata#Certificate.Certificate",
"@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates/1",
"@odata.type": "#Certificate.v1_0_0.Certificate",
"CertificateString": "-----BEGIN CERTIFICATE--------\n",
"Id": "1",
"Issuer": {
"CommonName": "localhost",
"Organization": "openbmc-project.xyz"
},
6)List CertificateCollection
curl -k -H "X-Auth-Token: $bmc_token" -X GET
https://${bmc}/redfish/v1/Managers/bmc/Truststore/Certificates/
{
"@odata.context":
"/redfish/v1/$metadata#CertificateCollection.CertificateCollection",
"@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates/",
"@odata.type": "#CertificateCollection.CertificateCollection",
"Description": "A Collection of TrustStore certificate instances",
"Members": [
{
"@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates/1"
}
],
"Members@odata.count": 1,
"Name": "TrustStore Certificates Collection"
}
Change-Id: Ic9644fadfe6fe89b529e16336cc6bcd804810b3a
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Diffstat (limited to 'redfish-core/include')
| -rw-r--r-- | redfish-core/include/redfish.hpp | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/redfish-core/include/redfish.hpp b/redfish-core/include/redfish.hpp index 93418e4..ec6d0d7 100644 --- a/redfish-core/include/redfish.hpp +++ b/redfish-core/include/redfish.hpp @@ -135,6 +135,9 @@ class RedfishService nodes.emplace_back(std::make_unique<LDAPCertificateCollection>(app)); nodes.emplace_back(std::make_unique<LDAPCertificate>(app)); nodes.emplace_back(std::make_unique<CertificateActionGenerateCSR>(app)); + nodes.emplace_back( + std::make_unique<TrustStoreCertificateCollection>(app)); + nodes.emplace_back(std::make_unique<TrustStoreCertificate>(app)); nodes.emplace_back(std::make_unique<SystemPCIeFunction>(app)); nodes.emplace_back(std::make_unique<SystemPCIeDevice>(app)); for (const auto& node : nodes) |
