Skip to content

Certificate Management Service

Available Setup Tasks

    all                       Runs all setup tasks
    root-ca                   Creates a self signed Root CA key pair in /etc/cms/root-ca/ for quality of life
    intermediate-ca           Creates a Root CA signed intermediate CA key pair(signing, tls-server and tls-client) in /etc/cms/intermediate-ca/ for quality of life
    tls                       Creates an intermediate-ca signed TLS key pair in /etc/cms for quality of life
    update-service-config     Sets or Updates the Service configuration

Environment Variables for Setup Tasks

Below are the variables that can be used to configure the setup tasks:

TLS:

    SAN_LIST    TLS SAN list

Update-service-config setup:

    AAS_BASE_URL                AAS Base URL
    TOKEN_DURATION_MINS         Validity of token duration
    SERVER_PORT                 The Port on which Server Listens to
    SERVER_READ_TIMEOUT         Request Read Timeout Duration in Seconds
    SERVER_READ_HEADER_TIMEOUT  Request Read Header Timeout Duration in Seconds
    SERVER_IDLE_TIMEOUT         Request Idle Timeout in Seconds
    LOG_LEVEL                   Log level
    LOG_MAX_LENGTH              Max length of log statement
    SERVER_MAX_HEADER_BYTES     Max Length Of Request Header in Bytes
    LOG_ENABLE_STDOUT           Enable console log
    SERVER_WRITE_TIMEOUT        Request Write Timeout Duration in Seconds

Root-ca setup:

    CMS_CA_CERT_VALIDITY        CA Certificate Validity
    CMS_CA_ORGANIZATION         CA Certificate Organization
    CMS_CA_LOCALITY             CA Certificate Locality
    CMS_CA_PROVINCE             CA Certificate Province
    CMS_CA_COUNTRY              CA Certificate Country

Intermediate-ca setup:

    CMS_CA_LOCALITY             CA Certificate Locality
    CMS_CA_PROVINCE             CA Certificate Province
    CMS_CA_COUNTRY              CA Certificate Country
    CMS_CA_CERT_VALIDITY        CA Certificate Validity
    CMS_CA_ORGANIZATION         CA Certificate Organization