diff options
Diffstat (limited to 'xyz/openbmc_project/Certs/README.md')
-rw-r--r-- | xyz/openbmc_project/Certs/README.md | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/xyz/openbmc_project/Certs/README.md b/xyz/openbmc_project/Certs/README.md index ad9a228..d438faa 100644 --- a/xyz/openbmc_project/Certs/README.md +++ b/xyz/openbmc_project/Certs/README.md @@ -21,6 +21,25 @@ in .pem format, which includes both private key and signed certificate. of the certificate application handling LDAP client certificate. - REST server should call the install method of the certificate application instance. +- Certificate manager application also implements d-bus object + xyz.openbmc_project.Certs.Manager. This includes the collection of + "certificates specific d-bus objects" installed in the system. This d-bus + provide option to view the certificate on PEM format and delete the same. + Refer https://en.wikipedia.org/wiki/Privacy-Enhanced_Mail for details. + e.g. for Certificate specific d-bus path + - /xyz/openbmc_project/certs/Server/<unique-id> maps to + instance of the server types certificate. + - /xyz/openbmc_project/certs/Client/<unique-id> maps to + instance of the client type certificate. + note: unique id is the hash value of certificate issuer and serial number. + +- Applications should subscribe the xyz.openbmc_project.Certs.Manager + to see any new certificate is uploaded or change in the existing + certificates. +- Certificate manager scope is limited to manage the certificate and impacted + application is responsible for application specific changes. +- Incase of delete action, certificate manager creates a new self signed + certificate after successful delete. ### REST interface details: @@ -49,10 +68,6 @@ in .pem format, which includes both private key and signed certificate. 500 Internal server error ``` - - -### d-bus interfaces: - #### d-bus interface to install certificate and private Key - Certs application must: - validate the certificate and Private key file by checking, if the Private |