User registration using enterprise CA or self-signed CA

Using Enterprise Certificate Authority (CA) or self-signed CA

Certificate authentication offers stronger security by mutually authenticating the IMPACT IoT and callback application.

When the user registration is initiated from IMPACT IoT using self-signed CA/enterprise CA, the IMPACT IoT checks with the CA if the callback is valid. Once the identity of the callback is validated with each other, the user registration operation can proceed.

Java Keystore

The Java Keystore (JKS) is a repository that provides details on the following items:
  • The Certificate for the system.
  • Private key of the system.
  • The certificate chain (path to CA or subCA)

Configuring Keystore

To enable this functionality in IMPACT IoT, you can use self-signed CA or enterprise CA.

To set up the Keystore details, configure the following parameters in values.yaml file:

agentServerTrustStoreFile: 
agentServerTrustPassword:

Example configuration:

agentServerTrustStoreFile: "cert.jks"
agentServerTrustPassword: "impact"

Certificate path

Note: The certificate has to be placed within the impact-dc directory path where the values.yaml file is present.
[root@ramncs20fp2-control-01 charts]# ls
cdp  cigserver  impactbilling  impact-dc  impactsubscriptionrepo  jsms  lwm2mserver  mqttadapter  mqttsnadapter  radiusserver  sgiserver  smsconnector
[root@ramncs20fp2-control-01 charts]# cd impact-dc/
[root@ramncs20fp2-control-01 impact-dc]# ls
cert.jks  Chart.yaml  config  grafana  templates  values.yaml

For more information on parameters in values.yaml file, see Sample values.yaml file for JKS in IMPACT IoT Installation Guide.