Log in as the root or NSP admin user on a Linux system where openssl is available.

Open a console window.

Enter the following to generate a private key:

# openssl genrsa -out private.pem 2048 ↵

Enter the following to create a public key:

#  openssl rsa -in private.pem -pubout -out publickey.pem ↵

Enter the following to encode the public key in base64 format:

#  cat public.pem | openssl base64 -e -A ↵

Designate a name to appear in the NSP UI as the name of the bundle author. Enter the following to encode the author name in base64:

# echo -n author name | openssl base64 ↵

Note: The -n after the echo command is mandatory: without it the author name contains a new line character and the verification of the signed bundles fails.

Enter the following to retrieve the Kubernetes name space of the artifact management application:

#  kubectl get pods -A | grep -i -e 'cam-server' -e 'NAMESPACE' ↵

The namespace value is output below the NAMESPACE heading.

Create a YAML file as shown in the sample below.

Configure the parameters:

• author is the encoded author name generated in Step 6

• public-key is the encoded public key value generated in Step 5

• type must be public-key

• name is the unique name for the public key

  Nokia recommends using the convention author name-public-key for easy recognition.

• namespace is the namespace retrieved in Step 7

Sample YAML:

apiVersion: v1

data:

  author: 

  public key: 

kind: Secret

metadata:

  labels:

    type: public-key 

  name: 

  namespace:  

type: public-key

Enter the following to load the YAML file into the Kubernetes system:

#  kubectl -n namespace apply -f filename.yaml ↵

If applicable, transfer the YAML file to all standby sites and repeat Step 9 on each site.

Close the console window.

End of steps