Home
last modified time | relevance | path

Searched refs:certificate (Results 1 – 25 of 184) sorted by relevance

12345678

/openbmc/phosphor-webui/app/common/directives/
H A Dcertificate.js38 $scope.isDeletable = function(certificate) {
42 $scope.confirmDeleteCert = function(certificate) {
43 initRemoveModal(certificate);
50 function initRemoveModal(certificate) {
59 this.certificate = certificate;
64 deleteCert(certificate);
76 function deleteCert(certificate) {
78 APIUtils.deleteRedfishObject(certificate['@odata.id'])
97 $scope.replaceCertificate = function(certificate) {
99 if (certificate.file.name.split('.').pop() !==
[all …]
/openbmc/phosphor-dbus-interfaces/yaml/xyz/openbmc_project/Certs/
H A DREADME.md9 certificate, using an unencrypted certificate and private key file in .pem
20 certificate application handling Https server certificate.
22 certificate application handling LDAP client certificate.
81 to create SSL certificate.
154 certificate.
170 certificate.
171 - In case of server type certificate deleting a signed certificate will create a
179 - In case of no Https certificate or invalid Https certificate, certificate
180 manager should update the https certificate with self signed certificate.
238 certificate details.
[all …]
H A DCertificate.interface.yaml2 Implement to provide certificate management features.
4 An OpenBMC implementation providing installed certificate management
7 certificate objects.
12 The string for the certificate.
19 signed by a certificate authority or self-signed. Refer
25 a certificate.
35 certificate revocation lists (CLRs).
65 The issuer of the certificate.
75 The subject of the certificate
102 certificate.
[all …]
H A DReplace.interface.yaml2 Certificate interface to replace existing certificate.
6 Replace the certificate and restart the associated services.
11 Path of file that contains both the certificate public and
13 certificate and private key).
/openbmc/phosphor-certificate-manager/
H A DREADME.md1 # phosphor-certificate-manager
18 Usage: ./phosphor-certificate-manager [options]
21 --type certificate type
24 --path certificate file path
28 ### Https certificate management
30 **Purpose:** Server https certificate
37 ### CA certificate management
39 **Purpose:** Client certificate validation
46 ### LDAP client certificate management
48 **Purpose:** LDAP client certificate validation
[all …]
/openbmc/docs/designs/management-console/
H A DVMI_Certificate_Exchange.md39 and gets the signed certificate and the CA certificate from VMI. This design
67 certificate and Root CA certificate via proposed BMC interface.
106 ### VMI certificate exchange
111 #### Get Signed certificate:
123 certificate
132 #### Get Root certificate:
143 certificate.
162 certificate authority in order to apply for a digital identity certificate.
165 - CSR certificate is passed onto the CA to sign the certificate and then upload
166 CSR signed certificate and install the certificate.
[all …]
H A DAuthorities_List_Management.md13 The current phosphor-certificate-manager doesn't have good support to manage
19 2. It only extracts the first certificate given a PEM encoded file with multiple
25 Phosphor-certificate-manager (only the Authority Manager) and BMCWeb will
36 4. Recovery at boot up: when the phosphor-certificate-manager gets instantiated,
41 is an invalid certificate in the list, the service won't install any of the
53 When certificate type is Authority, rather than just extract the first
54 certificate, we will iterate through each certificate, validate it, create
57 boost's `ssl_context`) for each certificate, and finally copy the PEM file to
70 The certificate manager will implement the new ReplaceAll interface. Upon
74 For other types of certificate manager (server & client), the service throws a
[all …]
/openbmc/webui-vue/src/views/SecurityAndAccess/Certificates/
H A DModalUploadCertificate.vue4 <template v-if="certificate">
16 <dd>{{ certificate.certificate }}</dd>
24 label-for="certificate-type"
27 id="certificate-type"
44 id="certificate-file"
58 <template v-if="certificate">
81 certificate: {
140 addNew: !this.certificate,
142 location: this.certificate ? this.certificate.location : null,
143 type: this.certificate
[all …]
H A DCertificates.vue97 <modal-upload-certificate :certificate="modalCertificate" @ok="onModalOk" />
142 key: 'certificate',
176 ...certificate,
202 acc.push(val.certificate);
211 acc.push(val.certificate);
239 this.modalCertificate = certificate;
242 initModalDeleteCertificate(certificate) {
246 issuedBy: certificate.issuedBy,
247 certificate: certificate.certificate,
262 // Upload a new certificate
[all …]
/openbmc/webui-vue/src/store/modules/SecurityAndAccess/
H A DCertificatesStore.js5 const certificate = certificateTypes.find( constant
6 (certificate) => certificate.type === type,
8 return certificate ? certificate[prop] : null;
71 }) => Certificates.map((certificate) => certificate['@odata.id']),
90 certificate: getCertificateProp(
104 .map((certificate) => certificate.type)
126 certificate: getCertificateProp( property in AnonymousClass3283684f0c01
155 certificate: getCertificateProp( property in AnonymousClass3283684f0f01
175 certificate: getCertificateProp( property in AnonymousClass3283684f1201
/openbmc/openbmc-test-automation/docs/
H A Dcertificate_generate.md1 ## Steps to create and install CA signed certificate
5 A. Create your own SSL certificate authority
7 B. Generate CSR for server certificate
11 D. Install CA signed server certificate
13 **Create your own SSL certificate authority**
31 into your certificate request.
46 **Generate CSR for server certificate**
131 $ cat certificate.json
144 Replace server certificate using JSON file (above) with CA signed certificate
145 details (certificate.json).
[all …]
H A Dredfish_request_via_mTLS.md14 - **VALID_CERT** indicates valid mTLS certificate for authentication. When a
15 redfish request doesn't specify a certificate, no certificate by default.
27 ## How to send a redfish request with certificate
30 library **requests** with certificate. It supports for all Redfish REST
36 cert_dict = kwargs.pop('certificate', {"certificate_name":VALID_CERT})
45 the request with the default certificate ${VALID_CERT}.
47 - The example provides Redfish request to use other certificate in the Robot
52 Redfish.Get ${VALID_URL} certificate=&{certificate_dict}
60 mTLS authentication. (Requires test certificate with different privileges or
70 follows: Prepare a certificate with the user name "admin_user" in advance. Use
[all …]
/openbmc/docs/designs/
H A Dredfish-tls-user-authentication.md50 proper `user`'s certificate from `CA`. After this certificate is acquired,
51 `User` can use this certificate when initializing HTTPS sessions.
105 certificate object on CertificateCollection.
145 +---------+ Is certificate valid |
204 responsible for determining whether certificate is valid or not. For certificate
211 - certificate has to be in it's validity period
213 - has to be properly signed by certificate authority
214 - certificate cannot be revoked
215 - certificate is well-formed according to X.509
216 - certificate cannot be self-signed
[all …]
H A Dcertificate-revocation-list.md9 This design is to add management interfaces for certificate revocation list in
14 A certificate revocation list (CRL) is a list of digital certificates that have
15 been revoked by the issuing certificate authority (CA) before their actual or
21 Current OpenBMC certificate management architecture contains two main
24 1. [phosphor-certificate-manager](https://github.com/openbmc/phosphor-certificate-manager)
25 owns certificate objects and implements management interfaces; currently
30 translates certificate objects into Redfish resources. BMCWeb is also a
45 2. whenever CRLs change, the certificate management system shall notify
62 ### phosphor-certificate-manager
64 We propose to add a new type of certificate-manager (CRL-manager) to the
[all …]
/openbmc/openbmc-tools/openbmctool/
H A DREADME.md97 ### Update HTTPS server certificate
104 containing both certificate and private key.
106 ### Update LDAP client certificate
114 ### Update LDAP root certificate
120 File: The PEM file containing only certificate.
122 ### Delete HTTPS server certificate
128 Deleting a certificate will create a new self-signed certificate and will
131 ### Delete LDAP client certificate
137 ### Delete LDAP root certificate
180 admin to upload the CA certificate to the BMC.
[all …]
/openbmc/docs/security/
H A DTLS-configuration.md20 For a certificate to be marked as valid, it (and every certificate in the chain)
26 certificate and `serverAuth` for server certificate (see rfc 3280 4.2.1.13)
118 ### Create a new CA certificate
134 ### Create client certificate signed by given CA certificate
145 Generate a certificate signing request.
155 Sign the certificate using your `CA-cert.pem` certificate with following
164 ### Create server certificate signed by given CA certificate
167 [Create a new CA certificate](#Create-a-new-CA-certificate), although a
189 Sign the certificate using your `CA-cert.pem` certificate with following
427 If TLS is enabled, valid CA certificate was uploaded and the server certificate
[all …]
/openbmc/openbmc-test-automation/redfish/dmtf_tools/
H A Dtest_redfishtool_certificate.robot4 Documentation Suite to test certificate via DMTF redfishtool.
32 [Documentation] Verify replace server certificate.
39 [Documentation] Verify replace client certificate.
46 [Documentation] Verify replace CA certificate.
117 # Create certificate file for uploading.
122 # Install CA certificate.
125 # Adding delay after certificate installation.
128 # Check error while uploading same certificate.
275 Logging Installed certificate id: ${cert_id}
278 # Adding delay after certificate installation.
[all …]
/openbmc/openbmc-test-automation/redfish/managers/
H A Dtest_certificate.robot2 Documentation Test certificate in OpenBMC.
26 [Documentation] Verify server certificate replace.
38 [Documentation] Verify client certificate replace.
50 [Documentation] Verify CA certificate replace.
60 [Documentation] Verify client certificate install.
72 [Documentation] Verify CA certificate install.
86 # Get CA certificate count from BMC.
104 # Create certificate file for uploading.
109 # Install CA certificate.
112 # Adding delay after certificate installation.
[all …]
/openbmc/openbmc-test-automation/lib/
H A Dcertificate_utils.robot10 # Default wait sync time for certificate install and restart services.
21 # uri URI for installing certificate file via Redfish
48 [Documentation] Get certificate content from BMC via openssl.
72 RETURN ${certificate}
134 [Documentation] Get certificate content from certificate file.
138 # cert_file_path Downloaded certificate file path.
166 [Documentation] Delete all CA certificate via Redfish.
176 [Documentation] Delete certificate via BMC CLI.
212 # Install certificate before replacing client or CA certificate.
281 Logging Installed certificate id: ${cert_id}
[all …]
/openbmc/phosphor-webui/app/access-control/controllers/
H A Dcertificate-controller.js107 var certificate = data;
108 isExpiring(certificate);
109 updateAvailableTypes(certificate);
110 $scope.certificates.push(certificate);
115 var isExpiring = function(certificate) { argument
123 certificate.isExpired = true;
125 certificate.isExpiring = true;
127 certificate.isExpired = false;
128 certificate.isExpiring = false;
279 var updateAvailableTypes = function(certificate) { argument
[all …]
/openbmc/openbmc-test-automation/gui/gui_test/security_and_access_menu/
H A Dtest_certificates_sub_menu.robot36 [Documentation] Verify navigation to certificate page.
43 [Documentation] Verify existence of all sections in certificate page.
54 [Documentation] Verify existence of add certificate button.
80 [Documentation] Install CA certificate and verify the same via GUI.
85 # Install CA certificate via Redfish.
89 # Refresh GUI and verify CA certificate availability in GUI.
98 # Replace HTTPS certificate.
103 # Verify certificate is available in GUI.
114 # Install LDAP certificate.
119 # Refresh GUI and verify certificate is available in GUI.
[all …]
/openbmc/phosphor-certificate-manager/dist/
H A Dmeson.build5 cert_manager_dir = get_option('datadir') / 'phosphor-certificate-manager'
9 service_files = [ 'phosphor-certificate-manager@.service' ]
21 '../phosphor-certificate-manager@.service',
22 'multi-user.target.wants/phosphor-certificate-manager@bmcweb.service'
30 '../phosphor-certificate-manager@.service',
31 'multi-user.target.wants/phosphor-certificate-manager@authority.service'
/openbmc/openbmc/meta-phosphor/recipes-phosphor/certificate/
H A Dphosphor-certificate-manager_git.bb3 HOMEPAGE = "https://github.com/openbmc/phosphor-certificate-manager"
22 SRC_URI = "git://github.com/openbmc/phosphor-certificate-manager;branch=master;protocol=https"
25 SYSTEMD_SERVICE:${PN} = "phosphor-certificate-manager@.service"
27 phosphor-certificate-manager@.service \
29 …${@bb.utils.contains('PACKAGECONFIG', 'authority-cert', 'phosphor-certificate-manager@authority.se…
30 …${@bb.utils.contains('PACKAGECONFIG', 'bmcweb', 'phosphor-certificate-manager@bmcweb.service', '',…
/openbmc/qemu/docs/system/
H A Dtls.rst20 with expected data present. Alternatively a certificate management
26 certificate.
30 certificate authority to create certificates. A self-signed CA is
72 extension to indicate this certificate is for a CA, while
125 # certtool --generate-certificate \
126 --load-ca-certificate ca-cert.pem \
156 a certificate. The client certificate contains enough metadata to
178 # certtool --generate-certificate \
179 --load-ca-certificate ca-cert.pem \
229 # certtool --generate-certificate \
[all …]
/openbmc/openbmc-test-automation/openpower/ext_interfaces/
H A Dtest_vmicert_management.robot3 Documentation VMI certificate exchange tests.
57 # Request root certificate from admin user.
60 # Request root certificate from operator user.
63 # Request root certificate from ReadOnly user.
66 # Request root certificate from NoAccess user.
120 # Request root certificate from operator user.
123 # Request root certificate from ReadOnly user.
126 # Request root certificate from NoAccess user.
139 # Request root certificate from operator user.
274 ... and verify gets root certificate and signed certificate.
[all …]

12345678