From 49717561a2a3304986997124731b54129ff9e839 Mon Sep 17 00:00:00 2001 From: Yuya Kuno Date: Mon, 30 Jun 2025 15:42:00 +0000 Subject: [PATCH 01/15] MR to align SOL023 v0.0.12 --- src/SOL023/APIVersion/APIVersion.yaml | 2 +- .../CertificateManagement.yaml | 550 +----------------- .../SOL023CertificateManagement_def.yaml | 398 ++++++------- 3 files changed, 173 insertions(+), 777 deletions(-) diff --git a/src/SOL023/APIVersion/APIVersion.yaml b/src/SOL023/APIVersion/APIVersion.yaml index e975da6..7520890 100644 --- a/src/SOL023/APIVersion/APIVersion.yaml +++ b/src/SOL023/APIVersion/APIVersion.yaml @@ -19,7 +19,7 @@ info: version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 paths: - /cert/api_versions: + /nfv-cert/api_versions: $ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions /vnflcm/api_versions: $ref: ../endpoints/SOL023_endpoints.yaml#/endpoints/api-versions diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index fdfa8f3..7f7701f 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -19,8 +19,8 @@ info: version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: - description: ETSI GS NFV-SOL 023 V5.2.1 - url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + description: ETSI GS NFV-SOL 023 V5.3.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.03.01_60/gs_nfv-sol023v050301p.pdf servers: - url: http://127.0.0.1/cm/v2 @@ -38,9 +38,9 @@ paths: post: description: | - The POST method creates a new subject resource. See clause 5.5.3.3.1. + The POST method creates a new subject resource. See clause 5.6.3.3.3.1. requestBody: - $ref: "#/components/requestBodies/CreateSubjectRequest" + $ref: "#/components/requestBodies/RegistrationRequest" responses: "201": $ref: "#/components/responses/SubjectInstance.Post.201" @@ -67,7 +67,7 @@ paths: get: description: | - The GET method queries information about multiple subject instances. See clause 5.5.3.3.2. + The GET method queries information about multiple subject instances. See clause 5.6.3.3.3.2. parameters: - $ref: '#/components/parameters/filter_subject_instances' - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_cmf @@ -108,7 +108,7 @@ paths: get: description: | The GET method retrieves information about a Subject instance by reading an "Individual Subject instance" - resource. See clause 5.5.4.3.2. + resource. See clause 5.6.3.4.3.2. parameters: - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept responses: @@ -137,7 +137,7 @@ paths: delete: description: | - This method deletes an "Individual Subject instance" resource. See clause 5.5.4.3.5. + This method deletes an "Individual Subject instance" resource. See clause 5.6.3.4.3.5. responses: "204": $ref: "#/components/responses/IndividualSubjectInstance.Delete.204" @@ -160,179 +160,6 @@ paths: "503": $ref: ../responses/SOL023_resp.yaml#/responses/503 - /subjects/{subjectId}/certificates: - parameters: - - $ref: "#/components/parameters/subjectId" - - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept - - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization - - $ref: ../components/SOL023_params.yaml#/components/parameters/Version - - post: - description: | - The POST method creates a new Certificate resource with certificate for VNFCI and VNF OAM. See clause 5.5.5.3.1. - requestBody: - $ref: "#/components/requestBodies/CSRRequest" - responses: - "201": - $ref: "#/components/responses/CertificateInstance.Post.201" - "409": - $ref: "#/components/responses/CertificateInstance.Post.409" - "400": - $ref: ../responses/SOL023_resp.yaml#/responses/400 - "401": - $ref: ../responses/SOL023_resp.yaml#/responses/401 - "403": - $ref: ../responses/SOL023_resp.yaml#/responses/403 - "404": - $ref: ../responses/SOL023_resp.yaml#/responses/404 - "405": - $ref: ../responses/SOL023_resp.yaml#/responses/405 - "406": - $ref: ../responses/SOL023_resp.yaml#/responses/406 - "422": - $ref: ../responses/SOL023_resp.yaml#/responses/422 - "500": - $ref: ../responses/SOL023_resp.yaml#/responses/500 - "503": - $ref: ../responses/SOL023_resp.yaml#/responses/503 - "504": - $ref: ../responses/SOL023_resp.yaml#/responses/504 - - get: - description: | - The GET method queries information about multiple subject instances. See clause 5.5.5.3.2. - parameters: - - $ref: '#/components/parameters/filter_certificate_instances' - - $ref: ../components/SOL023_params.yaml#/components/parameters/all_fields_cmf - - $ref: ../components/SOL023_params.yaml#/components/parameters/fields_cmf - - $ref: ../components/SOL023_params.yaml#/components/parameters/exclude_fields_cmf - - $ref: '#/components/parameters/exclude_default_certificate_instances' - - $ref: ../components/SOL023_params.yaml#/components/parameters/nextpage_opaque_marker_cmf - responses: - "200": - $ref: "#/components/responses/CertificateInstances.Get.200" - "400": - $ref: ../responses/SOL023_resp.yaml#/responses/400 - "401": - $ref: ../responses/SOL023_resp.yaml#/responses/401 - "403": - $ref: ../responses/SOL023_resp.yaml#/responses/403 - "404": - $ref: ../responses/SOL023_resp.yaml#/responses/404 - "405": - $ref: ../responses/SOL023_resp.yaml#/responses/405 - "406": - $ref: ../responses/SOL023_resp.yaml#/responses/406 - "416": - $ref: ../responses/SOL023_resp.yaml#/responses/416 - "500": - $ref: ../responses/SOL023_resp.yaml#/responses/500 - "503": - $ref: ../responses/SOL023_resp.yaml#/responses/503 - "504": - $ref: ../responses/SOL023_resp.yaml#/responses/504 - - /subjects/{subjectId}/certificates/{certificateId}: - parameters: - - $ref: "#/components/parameters/subjectId" - - $ref: "#/components/parameters/certificateId" - - $ref: ../components/SOL023_params.yaml#/components/parameters/Authorization - - $ref: ../components/SOL023_params.yaml#/components/parameters/Version - - get: - description: | - The GET method retrieves information about a Certificate instance by reading an - "Individual Certificate instance" resource. See clause 5.5.6.3.2. - parameters: - - $ref: ../components/SOL023_params.yaml#/components/parameters/Accept - - responses: - "200": - $ref: "#/components/responses/IndividualCertificateInstance.Get.200" - "400": - $ref: ../responses/SOL023_resp.yaml#/responses/400 - "401": - $ref: ../responses/SOL023_resp.yaml#/responses/401 - "403": - $ref: ../responses/SOL023_resp.yaml#/responses/403 - "404": - $ref: ../responses/SOL023_resp.yaml#/responses/404 - "405": - $ref: ../responses/SOL023_resp.yaml#/responses/405 - "406": - $ref: ../responses/SOL023_resp.yaml#/responses/406 - "416": - $ref: ../responses/SOL023_resp.yaml#/responses/416 - "500": - $ref: ../responses/SOL023_resp.yaml#/responses/500 - "503": - $ref: ../responses/SOL023_resp.yaml#/responses/503 - "504": - $ref: ../responses/SOL023_resp.yaml#/responses/504 - - delete: - description: | - This method deletes an "Individual Certificate instance" resource. See clause 5.5.6.3.5. - responses: - "204": - $ref: "#/components/responses/IndividualCertificateInstance.Delete.204" - "409": - $ref: "#/components/responses/IndividualCertificateInstance.Delete.409" - "400": - $ref: ../responses/SOL023_resp.yaml#/responses/400 - "401": - $ref: ../responses/SOL023_resp.yaml#/responses/401 - "403": - $ref: ../responses/SOL023_resp.yaml#/responses/403 - "404": - $ref: ../responses/SOL023_resp.yaml#/responses/404 - "405": - $ref: ../responses/SOL023_resp.yaml#/responses/405 - "406": - $ref: ../responses/SOL023_resp.yaml#/responses/406 - "500": - $ref: ../responses/SOL023_resp.yaml#/responses/500 - "503": - $ref: ../responses/SOL023_resp.yaml#/responses/503 - - /subjects/{subjectId}/certificates/{certificateId}/certificate_content: - parameters: - - $ref: "#/components/parameters/subjectId" - - $ref: "#/components/parameters/certificateId" - - get: - description: | - The GET method fetches the content of a certificate content identified by the certificate - identifier allocated by the CMF. See clause 5.5.7.3.2. - responses: - "200": - $ref: "#/components/responses/IndividualCertificateContentInstance.Get.200" - "206": - $ref: "#/components/responses/IndividualCertificateContentInstance.Get.206" - "409": - $ref: "#/components/responses/IndividualCertificateContentInstance.Get.409" - "416": - $ref: "#/components/responses/IndividualCertificateContentInstance.Get.416" - "400": - $ref: ../responses/SOL023_resp.yaml#/responses/400 - "401": - $ref: ../responses/SOL023_resp.yaml#/responses/401 - "403": - $ref: ../responses/SOL023_resp.yaml#/responses/403 - "404": - $ref: ../responses/SOL023_resp.yaml#/responses/404 - "405": - $ref: ../responses/SOL023_resp.yaml#/responses/405 - "406": - $ref: ../responses/SOL023_resp.yaml#/responses/406 - "422": - $ref: ../responses/SOL023_resp.yaml#/responses/422 - "500": - $ref: ../responses/SOL023_resp.yaml#/responses/500 - "503": - $ref: ../responses/SOL023_resp.yaml#/responses/503 - "504": - $ref: ../responses/SOL023_resp.yaml#/responses/504 ####################################################################### ###################### Subscription Endpoints ######################## @@ -488,34 +315,7 @@ components: The following attributes shall be excluded from the SubjectInstance structure in the response body if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", "exclude_default" are provided: - - pkiBody - required: false - schema: - type: string - - filter_certificate_instances: - name: filter - description: > - Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV SOL 013 [4]. - The CMF shall support receiving this parameter as part of the URI query string. The VNFM may - supply this parameter. - All attribute names that appear in the SubjectInstance and in data types referenced from it - shall be supported by the CMF in the filter expression. - in: query - required: false - schema: - type: string - - exclude_default_certificate_instances: - name: exclude_default - in: query - description: >- - Indicates to exclude the following complex attributes from the response. See clause 5.3 of - ETSI GS NFV-SOL 013 for details. The CMF shall support this parameter. - The following attributes shall be excluded from the SubjectInstance structure in the response - body if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", - "exclude_default" are provided: - - pkiBody + - subjectId required: false schema: type: string @@ -535,20 +335,6 @@ components: schema: type: string - certificateId: - name: certificateId - in: path - description: | - certificateId Identifier of the Certificate instance. See note. - - NOTE: This identifier can be retrieved from the resource referenced by the "Location" HTTP - header in the response to a POST request creating a new "Individual Certificate instance" resource. - It can also be retrieved from the "id" attribute in the message content of that response. - required: true - style: simple - explode: false - schema: - type: string ############################# For Subscriptions Resources ############################# @@ -820,326 +606,6 @@ components: schema: $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" - CertificateInstance.Post.201: - description: > - 201 CREATED - - Shall be returned when a new "Individual Certificate instance" resource and the associated Certificate instance identifier has been created successfully. - - The response body shall contain a representation of the created Certificate instance, as defined in clause 5.6.2.3. - - The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created Certificate instance. - headers: - Location: - description: | - The resource URI of the created subject resource. - style: simple - explode: false - schema: - type: string - format: url - WWW-Authenticate: - description: > - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - Content-Type: - description: | - The MIME type of the body of the response. Reference: IETF RFC 9110 - style: simple - explode: false - schema: - type: string - content: - application/json: - schema: - $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateInstance" - - CertificateInstance.Post.409: - description: > - 409 CONFLICT - - Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict with the state of the resource. - - The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. - headers: - WWW-Authenticate: - description: > - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - content: - application/json: - schema: - $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" - - CertificateInstances.Get.200: - description: > - 201 OK - - Shall be returned when information about zero or more subject instances has been queried successfully. - - The response body shall contain in an array the representations of zero or more subject instances, as - defined in clause 5.6.2.3. - - If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" - (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response - body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of - ETSI GS NFV SOL 013, respectively. - - If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 for - this resource, inclusion of the Link HTTP header in this response shall follow the provisions in - clause 5.4.2.3 of ETSI GS NFV SOL 013. - headers: - WWW-Authenticate: - description: > - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - Link: - description: | - Reference to other resources. Used for paging in the present document. - style: simple - explode: false - schema: - type: string - Content-Type: - description: | - The MIME type of the body of the response. Reference: IETF RFC 9110 - style: simple - explode: false - schema: - type: string - content: - application/json: - schema: - type: array - items: - $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateInstance" - - IndividualCertificateInstance.Get.200: - description: > - 200 OK - - Shall be returned when information about an individual Certificate instance has been read successfully. - The response body shall contain a representation of the Certificate instance, as defined in clause 5.6.2.3. - headers: - WWW-Authenticate: - description: | - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - Content-Type: - description: | - The MIME type of the body of the response. Reference: IETF RFC 9110 - style: simple - explode: false - schema: - type: string - content: - application/json: - schema: - $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CertificateInstance" - - IndividualCertificateInstance.Delete.204: - description: | - 204 NO CONTENT - - Shall be returned when the "Individual Certificate instance" resource and the associated - Certificate identifier were deleted successfully. - The response body shall be empty. - headers: - WWW-Authenticate: - description: | - Challenge if the corresponding HTTP request has not provided authorization, or error details if the - corresponding HTTP request has provided an invalid authorization token. - style: simple - explode: false - schema: - type: string - Version: - description: The used API version. - style: simple - explode: false - schema: - type: string - - IndividualCertificateInstance.Delete.409: - description: | - 409 CONFLICT - - Shall be returned upon the following error: The operation cannot be executed currently, due to a - conflict with the state of the resource. - Typically, this is due to the fact that the "Individual VNF instance" resource is in INSTANTIATED state. - The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey - more information about the error. - headers: - WWW-Authenticate: - description: | - Challenge if the corresponding HTTP request has not provided authorization, or error details if the - corresponding HTTP request has provided an invalid authorization token. - style: simple - explode: false - schema: - type: string - Version: - description: The used API version. - style: simple - explode: false - schema: - type: string - Content-Type: - description: | - The MIME type of the body of the response. Reference: IETF RFC 9110 - style: simple - explode: false - schema: - type: string - content: - application/json: - schema: - $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" - - IndividualCertificateContentInstance.Get.200: - description: > - 200 OK - - Shall be returned when the whole content of the certificate file has been read successfully. - - The response body shall include a copy of the certificate file. - - The "Content-Type HTTP" header shall be set according to the type of the file, i.e. to "application/text" for a certificate content according to IETF RFC 7468[a]. - headers: - WWW-Authenticate: - description: > - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - - IndividualCertificateContentInstance.Get.206: - description: | - 206 PARTIAL CONTENT - - If the CMF supports range requests, this response shall be returned when a single consecutive byte range from the content of the certificate file has been read successfully according to the request. - - The response body shall contain the requested part of the certificate file. - - The "Content-Range" HTTP header shall be provided according to IETF RFC 9110 [c]. - - The "Content-Type" HTTP header shall be set as defined above for the "200 OK" response. - headers: - WWW-Authenticate: - description: | - Challenge if the corresponding HTTP request has not provided authorization, or error details if the - corresponding HTTP request has provided an invalid authorization token. - style: simple - explode: false - schema: - type: string - Version: - description: The used API version. - style: simple - explode: false - schema: - type: string - Content-Range: - required : true - style: simple - explode: false - schema: - type: string - content: - application/*: - schema: - type: string - format: binary - - IndividualCertificateContentInstance.Get.409: - description: > - 409 CONFLICT - - Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict with the state of the resource. - - The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. - headers: - WWW-Authenticate: - description: > - Challenge if the corresponding HTTP request has not provided - authorization, or error details if the corresponding HTTP - request has provided an invalid authorization token. - schema: - type: string - Version: - description: > - Version of the API used in the response. - schema: - type: string - content: - application/json: - schema: - $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" - - IndividualCertificateContentInstance.Get.416: - description: | - 416 RANGE NOT SATISFIABLE - - Shall be returned upon the following error: The byte range passed in the "Range" header did not match any available byte range in the certificate file (e.g. "access after end of file"). - - The response body may contain a ProblemDetails structure. - headers: - WWW-Authenticate: - description: | - Challenge if the corresponding HTTP request has not provided authorization, or error details if the - corresponding HTTP request has provided an invalid authorization token. - style: simple - explode: false - schema: - type: string - Version: - description: The used API version. - style: simple - explode: false - schema: - type: string - content: - application/json: - schema: - $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" ####################################################################### ################# Subscription Endpoints Response Bodies ############## diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index d880dd6..47ba096 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -1,86 +1,4 @@ definitions: - PkiHeader: - description: > - This type represents a PkiHeadear. - - NOTE: At the time of use "PkiHeader" data type, e.g. for CreateSubjectRequest, nothing about the - sender is known to the sending entity (the end entity may not know its own Distinguished Name (DN), - e-mail name, IP address, etc.), then the "sender" field shall contain a "NULL" value. - type: object - required: - - sender - - recipient - - generalInfo - properties: - sender: - description: > - Name of the sender of the Request. See note. - type: string - recipient: - description: > - Name of the recipient of the Request. - type: string - generalInfo: - description: > - It shall contain two of the attributes. - The first generallInfo shall contain the set of - • InfoType for Certificate type - • Infovalue for Choice of VNFC or VNF OAM - - Unless the InfoValue of the first generallInfo is MANO, the second generallInfo shall contain - the set of - • InfoType for Type of VNFC certification handling - • Infovalue for Choice of direct or delegation - type: object - required: - - InfoType - properties: - InfoType: - description: > - Indicate the type of Info. The namespaces and conventions for the values of this attribute that - is OID defined as clause 5.7. - Permit values: - • Certificate type - • Type of VNFC certification handling - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - InfoValue: - description: > - If the value of “InfoType” is “Certificate type”, it shall be set. - Permit values: - • VNFCI certificate - • VNF OAM certificate - - If the value of “InfoType” is “Type of certificate handling”, it shall be set. - Permit values: - • Direct mode - • Delegation mode - Only the value "Delegation mode" is allowed for this version of the present document. - type: string - - CertRepMessages: - description: > - This type represents a CertRepMessages. - type: object - required: - - certResponse - properties: - certResponse: - description: > - The structure and attributes are defined in IETF RFC 5912. - type: object - required: - - certReqId - - status - properties: - certReqId: - description: > - Identifier of "CertReqMessages" or “CSRRequest” to corresponding to this "CertRepMessages". - type: integer - status: - description: > - State of the subject. - $ref: "#/definitions/PKIStatusInfoType" - SubjectInstance: description: > This type represents a subject instance. @@ -90,88 +8,76 @@ definitions: type: object required: - id - - pkiHeader - - pkiBody + - certType + - subjectId + - typeOfVnfcCertHandling - _links properties: id: description: > Identifier of the Subject instance. $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - pkiHeader: - description: > - A common information of PKI message for addressing and transaction identification. - The structure and attributes are defined in IETF RFC 4210 and RFC 9480. - $ref: "#/definitions/PkiHeader" - pkiBody: - description: > - Message-specific information. The structure and attributes are defined in - IETF RFC 4210 and IETF RFC 9480. - type: object - required: - - ir - - ip - properties: - ir: - description: > - Information for Initialization request. - $ref: "#/definitions/CertReqMessages" - ip: - description: > - Information for Initialization response. - $ref: "#/definitions/CertRepMessages" - _links: - description: > - Links to resources related to this resource. - type: object - required: - - self - properties: - self: - description: > - URI of this resource. - $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" - - CertificateInstance: - description: > - This type represents a certificate instance. It shall comply with the provisions defined in table 5.6.2.3-1. - - NOTE: Wherever mentioned, attributes of the type "CertificateInstance", in the table 5.6.2.3-1 - are aligned with the mandatory-defined parameters in the CMPv2 in IETF RFC 4210. - type: object - required: - - id - - pkiHeader - - pkiBody - - _links - properties: - id: - description: > - Identifier of the Certificate instance. - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - pkiHeader: - description: > - A common information of PKI message for addressing and transaction identification. - The structure and attributes are defined in IETF RFC 4210 and RFC 9480. - $ref: "#/definitions/PkiHeader" - pkiBody: + certType: description: > - Message-specific information. The structure and attributes are defined in - IETF RFC 4210 and IETF RFC 9480. + Indicate the type of target certificate. The possible values are (see note 1): + ・ MANO certificate + ・ VNFCI certificate + ・ VNF OAM certificate + + NOTE 1: Registration of target certificates of type ‘MANO certificate’ is + not covered in this version of the present document. + type: string + enum: + - MANO certificate + - VNFCI certificate + - VNF OAM certificate + subjectId: + description: > + Data about subjects and their certificates that need to be registered. + This attribute shall be present only if certType is VNFCI certificate + or VNF OAM certificate. type: object required: - - p10cr - - cp + - subjectId + - certificateData properties: - p10cr: + subjectId: description: > - Encoded Information for CSR Request. The structure and attributes are aligned and defined - in IETF RFC 2986. - $ref: "#/definitions/CSRRequest" - cp: + The value of the Identifier of the certificate target VNFCI as subject ID + if this operation is used for the VNFCI certificate or VNF OAM certificate. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + certificateData: description: > - Information for CSR response. - $ref: "#/definitions/CertRepMessages" + Data related to certificates for the target VNFCI. + type: object + required: + - certificateData + properties: + subjectName: + description: > + The value of the Identifier of the certificate target VNFCI as subject ID + if this operation is used for the VNFCI certificate or VNF OAM certificate. + $ref: "#/definitions/CertSubjectData" + subjectAlternateName: + description: > + Subject alternate names of VNFCI certificates. + type: array + items: + type: string + typeOfVnfcCertHandling: + description: > + This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. + It indicates the mode of certificate management for the target entity. + The possible values are: + • direct mode + • delegation mode + See note 2. + + NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + enum: + - direct mode + - delegation mode _links: description: > Links to resources related to this resource. @@ -184,7 +90,7 @@ definitions: URI of this resource. $ref: "../../definitions/SOL023_def.yaml#/definitions/Link" - CreateSubjectRequest: + RegistrationRequest: description: > This type represents request parameters for the "Register" operation as defined in ETSI GS NFV-IFA 033. @@ -192,97 +98,71 @@ definitions: are profiled with the mandatory-defined parameters in the CMP in IETF RFC 4210. type: object required: - - pkiHeader - - pkiBody + - certType + - subjectId + - typeOfVnfcCertHandling properties: - pkiHeader: + certType: description: > - A common informatio0n of PKI message for addressing and transaction identification. The structure and - attributes are defined in IETF RFC 4210 and RFC 9480. - $ref: "#/definitions/PkiHeader" - pkiBody: - description: > - Message specific information. The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. - type: object - required: - - ir - properties: - ir: - description: > - Information for Initialization Request. - $ref: "#/definitions/CertReqMessages" - - CSRRequest: - description: > - This type represents request parameters for the "Certificate Signing Request" operation. - - NOTE: As concept of the design of the type “CSRRequest”, the attributes in the table 5.6.2.5-1 - are profiled to the mandatory-defined parameters in the CMPv2 in IETF RFC 4210. - type: object - required: - - pkiHeader - - pkiBody - properties: - pkiHeader: - description: > - A common information of PKI message for addressing and transaction identification. The structure - and attributes are defined in IETF RFC 4210 and RFC 9480. - $ref: "#/definitions/PkiHeader" - pkiBody: - description: > - Message specific information. The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. - type: object - required: - - p10cr - properties: - p10cr: - description: > - Encoded Information for CSR Request. The structure and attributes are aligned and - defined in IETF RFC 2986. - $ref: "#/definitions/CSRMessage" + Indicate the type of target certificate. The possible values are (see note 1): + ・ MANO certificate + ・ VNFCI certificate + ・ VNF OAM certificate - CSRMessage: - description: > - Encoded Information for CSR Request. The structure and attributes are aligned - and defined in IETF RFC 2986. - type: object - - CertReqMessages: - description: > - This type represents a CertReqMessages. - type: object - required: - - CertReqMsg - properties: - CertReqMsg: - description: > - The structure and attributes are defined in IETF RFC 5912. + NOTE 1: Registration of target certificates of type ‘MANO certificate’ is + not covered in this version of the present document. + type: string + enum: + - MANO certificate + - VNFCI certificate + - VNF OAM certificate + subjectId: + description: > + Data about subjects and their certificates that need to be registered. + This attribute shall be present only if certType is VNFCI certificate + or VNF OAM certificate. type: object required: - - CertRequest + - subjectId + - certificateData properties: - CertRequest: + subjectId: description: > - Information for the certificate request. + The value of the Identifier of the certificate target VNFCI as subject ID + if this operation is used for the VNFCI certificate or VNF OAM certificate. + $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" + certificateData: + description: > + Data related to certificates for the target VNFCI. type: object - required: - - CertTemplate + required: + - certificateData properties: - CertTemplate: + subjectName: description: > - Information for the certificate to be issued. - type: object - required: - - subjectUID - properties: - subjectUID: - description: > - The value of the Identifier of the certificate target VNFCI as subject ID if - this operation is used for the VNFCI certificate or VNF OAM certificate. See note. + The value of the Identifier of the certificate target VNFCI as subject ID + if this operation is used for the VNFCI certificate or VNF OAM certificate. + $ref: "#/definitions/CertSubjectData" + subjectAlternateName: + description: > + Subject alternate names of VNFCI certificates. + type: array + items: + type: string + typeOfVnfcCertHandling: + description: > + This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. + It indicates the mode of certificate management for the target entity. + The possible values are: + • direct mode + • delegation mode + See note 2. - NOTE: For the case of MANO certificate, this attribute is not supported in this - version of the present document. - type: integer + NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + enum: + - direct mode + - delegation mode ####################################################################### ################# Subscriptions Related Data Models ################### @@ -671,4 +551,54 @@ definitions: this attribute. See note 2. type: array items: - type: string \ No newline at end of file + type: string + + CertSubjectData: + description: > + This type provides input information related to subject of certificate. + type: object + properties: + commonName: + description: > + Information of certification target subject FQDN. + Can be set empty when this certificate is used for encrypted communication using IP address. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + organization: + description: > + Information of certification target subject Organization. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + country: + description: > + Information of certification target subject Country. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + state: + description: > + Information of certification target subject State. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + locality: + description: > + Information of certification target subject Locality. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + emailAddress: + description: > + Information of certification contact email address. + See note. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: string + -- GitLab From 4a509f84fcc10f78da0ec301a441b47f19ca417d Mon Sep 17 00:00:00 2001 From: Yuya Kuno Date: Tue, 1 Jul 2025 06:36:19 +0000 Subject: [PATCH 02/15] Update file CertificateManagement.yaml --- .../CertificateManagement.yaml | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index 7f7701f..ad41c0a 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -174,7 +174,7 @@ paths: description: | The POST method creates a new subscription. See clause 7.5.3.3.1. requestBody: - $ref: "#/components/requestBodies/CertificateSubscriptionRequest" + $ref: "#/components/requestBodies/RegistrationRequest" responses: 201: $ref: '#/components/responses/Subscriptions.Post.201' @@ -863,23 +863,15 @@ components: type: string requestBodies: - CreateSubjectRequest: + RegistrationRequest: description: > Subject resource creation request. content: application/json: schema: - $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CreateSubjectRequest" + $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/RegistrationRequest" required: true - CSRRequest: - description: > - Certificate resource creation request. - content: - application/json: - schema: - $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/CSRRequest" - required: true ####################################################################### ################# Subscription Endpoints Request Bodies ############### -- GitLab From 411633f1aa2df036d12156c27207739258b3155f Mon Sep 17 00:00:00 2001 From: Yuya Kuno Date: Tue, 1 Jul 2025 07:11:58 +0000 Subject: [PATCH 03/15] fixed bug from pipeline --- .../CertificateManagement.yaml | 4 ++-- .../SOL023CertificateManagement_def.yaml | 24 +++++++++++++++++++ 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index ad41c0a..de594e4 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -378,7 +378,7 @@ components: instance identifier has been created successfully. The response body shall contain a representation of the created Subject instance, as defined in - clause 5.6.2.2. + clause 5.6.3.4. The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created Subject instance. @@ -464,7 +464,7 @@ components: Shall be returned when information about zero or more subject instances has been queried successfully. The response body shall contain in an array the representations of zero or more subject instances, as - defined in clause 5.6.2.2. + defined in clause 5.6.3.4. If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 47ba096..cd9d6bb 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -553,6 +553,30 @@ definitions: items: type: string + CertRepMessages: + description: > + This type represents a CertRepMessages. + type: object + required: + - certResponse + properties: + certResponse: + description: > + The structure and attributes are defined in IETF RFC 5912. + type: object + required: + - certReqId + - status + properties: + certReqId: + description: > + Identifier of "CertReqMessages" or “CSRRequest” to corresponding to this "CertRepMessages". + type: integer + status: + description: > + State of the subject. + $ref: "#/definitions/PKIStatusInfoType" + CertSubjectData: description: > This type provides input information related to subject of certificate. -- GitLab From 5523c698f5abbf9743082af534961908994b7e09 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:09:58 +0200 Subject: [PATCH 04/15] update SOL023CertificateManagement_def.yaml based on SOL023 v0.0.12 final draft --- .../SOL023CertificateManagement_def.yaml | 342 +++++------------- 1 file changed, 90 insertions(+), 252 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index cd9d6bb..3f44e46 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -3,8 +3,10 @@ definitions: description: > This type represents a subject instance. - NOTE: Wherever mentioned, attributes of the type "SubjectInstance", in the table 5.6.2.2-1 - are aligned with the mandatory-defined parameters in the CMPv2 in IETF RFC 4210. + NOTE 1: Registration of target certificates of type 'MANO certificate' is not covered in this version + of the present document. + + NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent. type: object required: - id @@ -20,22 +22,18 @@ definitions: certType: description: > Indicate the type of target certificate. The possible values are (see note 1): - ・ MANO certificate - ・ VNFCI certificate - ・ VNF OAM certificate - - NOTE 1: Registration of target certificates of type ‘MANO certificate’ is - not covered in this version of the present document. + - MANO certificate + - VNFCI certificate + - VNF OAM certificate type: string enum: - - MANO certificate - - VNFCI certificate - - VNF OAM certificate + - MANO_certificate + - VNFCI_certificate + - VNF_OAM_certificate subjectId: description: > - Data about subjects and their certificates that need to be registered. - This attribute shall be present only if certType is VNFCI certificate - or VNF OAM certificate. + Data about subjects and their certificates that need to be registered. This attribute shall be present + only if certType is VNFCI certificate or VNF OAM certificate. type: object required: - subjectId @@ -43,41 +41,36 @@ definitions: properties: subjectId: description: > - The value of the Identifier of the certificate target VNFCI as subject ID - if this operation is used for the VNFCI certificate or VNF OAM certificate. + The value of the Identifier of the certificate target VNFCI as subject ID if this operation is used for + the VNFCI certificate or VNF OAM certificate. $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" certificateData: description: > Data related to certificates for the target VNFCI. type: object required: - - certificateData + - subjectAlternateName properties: subjectName: description: > - The value of the Identifier of the certificate target VNFCI as subject ID - if this operation is used for the VNFCI certificate or VNF OAM certificate. + Subject data of the of VNFCI certificates, i.e., certificate fields related to common name, organization, + country etc. $ref: "#/definitions/CertSubjectData" subjectAlternateName: description: > Subject alternate names of VNFCI certificates. - type: array - items: - type: string + type: string typeOfVnfcCertHandling: description: > - This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. - It indicates the mode of certificate management for the target entity. - The possible values are: - • direct mode - • delegation mode + This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. It indicates the + mode of certificate management for the target entity. The possible values are: + - direct mode + - delegation mode See note 2. - - NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent. type: string enum: - - direct mode - - delegation mode + - direct_mode + - delegation_mode _links: description: > Links to resources related to this resource. @@ -94,8 +87,9 @@ definitions: description: > This type represents request parameters for the "Register" operation as defined in ETSI GS NFV-IFA 033. - NOTE: As concept of the design of the type “CreateSubjectReuquest”, the attributes in the table 5.6.2.4-1 - are profiled with the mandatory-defined parameters in the CMP in IETF RFC 4210. + NOTE 1: Registration of target certificates of type 'MANO certificate' is not covered in this version of the + present document. + NOTE 2: Only the value "delegation mode" is allowed for this version of the present document. type: object required: - certType @@ -105,22 +99,18 @@ definitions: certType: description: > Indicate the type of target certificate. The possible values are (see note 1): - ・ MANO certificate - ・ VNFCI certificate - ・ VNF OAM certificate - - NOTE 1: Registration of target certificates of type ‘MANO certificate’ is - not covered in this version of the present document. + - MANO certificate + - VNFCI certificate + - VNF OAM certificate type: string enum: - - MANO certificate - - VNFCI certificate - - VNF OAM certificate + - MANO_certificate + - VNFCI_certificate + - VNF_OAM_certificate subjectId: description: > - Data about subjects and their certificates that need to be registered. - This attribute shall be present only if certType is VNFCI certificate - or VNF OAM certificate. + Data about subjects and their certificates that need to be registered. This attribute shall be present + only if certType is VNFCI certificate or VNF OAM certificate. type: object required: - subjectId @@ -128,41 +118,69 @@ definitions: properties: subjectId: description: > - The value of the Identifier of the certificate target VNFCI as subject ID - if this operation is used for the VNFCI certificate or VNF OAM certificate. + The value of the Identifier of the certificate target VNFCI as subject ID if this operation is used for + the VNFCI certificate or VNF OAM certificate. $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" certificateData: description: > Data related to certificates for the target VNFCI. type: object required: - - certificateData + - subjectAlternateName properties: subjectName: description: > - The value of the Identifier of the certificate target VNFCI as subject ID - if this operation is used for the VNFCI certificate or VNF OAM certificate. + Subject data of the of VNFCI certificates, i.e., certificate fields related to common name, organization, + country etc. $ref: "#/definitions/CertSubjectData" subjectAlternateName: description: > Subject alternate names of VNFCI certificates. - type: array - items: - type: string + type: string typeOfVnfcCertHandling: description: > - This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. - It indicates the mode of certificate management for the target entity. - The possible values are: - • direct mode - • delegation mode + This parameter shall be present only if certType is VNFCI certificate or VNF OAM certificate. It indicates the + mode of certificate management for the target entity. The possible values are: + - direct mode + - delegation mode See note 2. - - NOTE 2: At least one overriding attributes shall be present, otherwise shall be absent. type: string enum: - - direct mode - - delegation mode + - direct_mode + - delegation_mode + + CertSubjectData: + description: > + This type provides input information related to subject of certificate. + + NOTE: At least one overriding attributes shall be present, otherwise shall be absent. + type: object + properties: + commonName: + description: > + Information of certification target subject FQDN. Can be set empty when this certificate is used for encrypted + communication using IP address. See note. + type: string + organization: + description: > + Information of certification target subject Organization. See note. + type: string + country: + description: > + Information of certification target subject Country. See note. + type: string + state: + description: > + Information of certification target subject State. See note. + type: string + locality: + description: > + Information of certification target subject Locality. See note. + type: string + emailAddress: + description: > + Information of certification contact email address. See note. + type: string ####################################################################### ################# Subscriptions Related Data Models ################### @@ -272,7 +290,8 @@ definitions: cetificateState: description: > The state of the Certificate. - $ref: "#/definitions/PKIStatusInfoType" + # TODO + # $ref: "#/definitions/PKIStatusInfoType" certificateId: description: > The identifier of the Certificate affected. @@ -329,7 +348,7 @@ definitions: vnfInstanceSubscriptionFilter: description: > Filter criteria to select VNF instances about which to notify. - $ref: "#/definitions/VnfInstanceSubscriptionFilter" + $ref: "../../definitions/SOL023_def.yaml#/definitions/VnfInstanceSubscriptionFilter" cetificateState: description: > Match particular Certificate state values as reported in notifications of type @@ -339,7 +358,8 @@ definitions: "CertificateLifecycleStateChangeNotification" and shall be absent otherwise. type: array items: - $ref: "#/definitions/PKIStatusInfoType" + # TODO + # $ref: "#/definitions/PKIStatusInfoType" certificationType: description: > Match particular certificate types. @@ -392,7 +412,8 @@ definitions: ip: description: > Information for Initialization response. - $ref: "#/definitions/CertRepMessages" + # TODO + # $ref: "#/definitions/CertRepMessages" AffectedCertificate: description: > @@ -432,7 +453,8 @@ definitions: cp: description: > Information for CSR response. - $ref: "#/definitions/CertRepMessages" + # TODO + # $ref: "#/definitions/CertRepMessages" CertificateNotificationVerbosityType: description: > @@ -441,188 +463,4 @@ definitions: type: string enum: - FULL - - SHORT - - PKIStatusInfoType: - description: > - The enumeration PKIStatusInfoType shall comply with the provisions defined in table 4.3.4.1-1. - type: string - enum: - - ACCEPTED - - GRANTED_WITH_MODS - - REJECTED - - WAITING - - REVOCATION_WARNING - - REVOCATION_NOTIFICATION - - KEY_UPDATE_WARNING - - VnfInstanceSubscriptionFilter: - description: > - This type represents subscription filter criteria to match VNF - instances. - * NOTE 1: The attributes "vnfdIds" and "vnfProductsFromProviders" are alternatives to reference to VNF instances - that are based on certain VNFDs in a filter. They should not be used both in the same filter instance, - but one alternative should be chosen. - NOTE 2: The attributes "vnfInstanceIds" and "vnfInstanceNames" are alternatives to reference to particular VNF - instances in a filter. They should not be used both in the same filter instance, but one alternative - should be chosen. - type: object - anyOf: - - oneOf: - - required: - - vnfdIds - - required: - - vnfProductsFromProviders - - oneOf: - - required: - - vnfInstanceIds - - required: - - vnfInstanceNames - properties: - vnfdIds: - description: > - If present, match VNF instances that were created based on a VNFD - identified by one of the vnfdId values listed in this attribute. See note 1. - type: array - items: - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - vnfProductsFromProviders: - description: > - If present, match VNF instances that belong to VNF products from - certain providers. See note 1. - type: array - items: - type: object - required: - - vnfProvider - properties: - vnfProvider: - description: > - Name of the VNF provider to match. - type: string - vnfProducts: - description: > - If present, match VNF instances that belong to VNF products - with certain product names, from one particular provider. - type: array - items: - type: object - required: - - vnfProductName - properties: - vnfProductName: - description: > - Name of the VNF product to match. - type: string - versions: - description: > - If present, match VNF instances that belong to VNF - products with certain versions and a certain product - name, from one particular provider. - type: array - items: - type: object - required: - - vnfSoftwareVersion - properties: - vnfSoftwareVersion: - description: > - Software version to match. - $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" - vnfdVersions: - description: > - If present, match VNF instances that belong to VNF - products with certain VNFD versions, a certain - software version and a certain product name, from - one particular provider. - type: array - items: - $ref: "../../definitions/SOL023_def.yaml#/definitions/Version" - vnfInstanceIds: - description: > - If present, match VNF instances with an instance identifier listed - in this attribute. See note 2. - type: array - items: - $ref: "../../definitions/SOL023_def.yaml#/definitions/Identifier" - vnfInstanceNames: - description: > - If present, match VNF instances with a VNF Instance Name listed in - this attribute. See note 2. - type: array - items: - type: string - - CertRepMessages: - description: > - This type represents a CertRepMessages. - type: object - required: - - certResponse - properties: - certResponse: - description: > - The structure and attributes are defined in IETF RFC 5912. - type: object - required: - - certReqId - - status - properties: - certReqId: - description: > - Identifier of "CertReqMessages" or “CSRRequest” to corresponding to this "CertRepMessages". - type: integer - status: - description: > - State of the subject. - $ref: "#/definitions/PKIStatusInfoType" - - CertSubjectData: - description: > - This type provides input information related to subject of certificate. - type: object - properties: - commonName: - description: > - Information of certification target subject FQDN. - Can be set empty when this certificate is used for encrypted communication using IP address. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - organization: - description: > - Information of certification target subject Organization. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - country: - description: > - Information of certification target subject Country. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - state: - description: > - Information of certification target subject State. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - locality: - description: > - Information of certification target subject Locality. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - emailAddress: - description: > - Information of certification contact email address. - See note. - - NOTE: At least one overriding attributes shall be present, otherwise shall be absent. - type: string - + - SHORT \ No newline at end of file -- GitLab From bbbc8507448f2599b2d900fdd9a94144faf8c9b2 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:10:24 +0200 Subject: [PATCH 05/15] update CertificateManagement.yaml based on SOL023 v0.0.12 final draft --- .../CertificateManagement.yaml | 66 ++++++++++--------- 1 file changed, 34 insertions(+), 32 deletions(-) diff --git a/src/SOL023/CertificateManagement/CertificateManagement.yaml b/src/SOL023/CertificateManagement/CertificateManagement.yaml index de594e4..f33f09c 100644 --- a/src/SOL023/CertificateManagement/CertificateManagement.yaml +++ b/src/SOL023/CertificateManagement/CertificateManagement.yaml @@ -160,7 +160,6 @@ paths: "503": $ref: ../responses/SOL023_resp.yaml#/responses/503 - ####################################################################### ###################### Subscription Endpoints ######################## ####################################################################### @@ -296,9 +295,9 @@ components: filter_subject_instances: name: filter description: > - Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV SOL 013 [4]. - The CMF shall support receiving this parameter as part of the URI query string. The VNFM may - supply this parameter. + Attribute-based filtering expression according to clause 5.2 of ETSI GS NFV SOL 013. + The CMF shall support receiving this parameter as part of the URI query string. The VNFM + may supply this parameter. All attribute names that appear in the SubjectInstance and in data types referenced from it shall be supported by the CMF in the filter expression. in: query @@ -310,12 +309,12 @@ components: name: exclude_default in: query description: >- - Indicates to exclude the following complex attributes from the response. See clause 5.3 of - ETSI GS NFV-SOL 013 for details. The CMF shall support this parameter. - The following attributes shall be excluded from the SubjectInstance structure in the response - body if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", + Indicates to exclude the following complex attributes from the response. See clause 5.3 of ETSI + GS NFV-SOL 013 for details. The CMF shall support this parameter. + The following attributes shall be excluded from the SubjectInstance structure in the response body + if this parameter is provided, or none of the parameters "all_fields", "fields", "exclude_fields", "exclude_default" are provided: - - subjectId + - subjectId required: false schema: type: string @@ -335,9 +334,10 @@ components: schema: type: string + ####################################################################### + ################# Parameters for Subscriptions Resources ############## + ####################################################################### -############################# For Subscriptions Resources ############################# - filter_subscriptions: name: filter description: > @@ -374,14 +374,13 @@ components: description: > 201 CREATED - Shall be returned when a new "Individual Subject instance" resource and the associated Subject - instance identifier has been created successfully. + Shall be returned when a new "Individual Subject instance" resource and the associated Subject instance + identifier has been created successfully. - The response body shall contain a representation of the created Subject instance, as defined in - clause 5.6.3.4. + The response body shall contain a representation of the created Subject instance, as defined in clause 5.6.2.2. - The HTTP response shall include a "Location" HTTP header that contains the resource URI of the - created Subject instance. + The HTTP response shall include a "Location" HTTP header that contains the resource URI of the created + Subject instance. headers: Location: description: | @@ -464,16 +463,16 @@ components: Shall be returned when information about zero or more subject instances has been queried successfully. The response body shall contain in an array the representations of zero or more subject instances, as - defined in clause 5.6.3.4. + defined in clause 5.6.b.2.2. If the "filter" URI parameter or one of the "all_fields", "fields" (if supported), "exclude_fields" (if supported) or "exclude_default" URI parameters was supplied in the request, the data in the response - body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of - ETSI GS NFV SOL 013, respectively. + body shall have been transformed according to the rules specified in clauses 5.2.2 and 5.3.2 of ETSI GS + NFV SOL 013, respectively. - If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 for - this resource, inclusion of the Link HTTP header in this response shall follow the provisions in - clause 5.4.2.3 of ETSI GS NFV SOL 013. + If the CMF supports alternative 2 (paging) according to clause 5.4.2.1 of ETSI GS NFV SOL 013 for this + resource, inclusion of the Link HTTP header in this response shall follow the provisions in clause 5.4.2.3 + of ETSI GS NFV SOL 013. headers: Location: description: | @@ -521,7 +520,8 @@ components: 200 OK Shall be returned when information about an individual Subject instance has been read successfully. - The response body shall contain a representation of the Subject instance, as defined in clause 5.6.2.2. + + The response body shall contain a representation of the Subject instance, as defined in clause 5.6.4.2.2. headers: WWW-Authenticate: description: | @@ -551,8 +551,9 @@ components: description: | 204 NO CONTENT - Shall be returned when the "Individual Subject instance" resource and the associated - Subject identifier were deleted successfully. + Shall be returned when the "Individual Subject instance" resource and the associated Subject + identifier were deleted successfully. + The response body shall be empty. headers: WWW-Authenticate: @@ -574,9 +575,12 @@ components: description: | 409 CONFLICT - Shall be returned upon the following error: The operation cannot be executed currently, due to a - conflict with the state of the resource. - Typically, this is due to the fact that the "Individual VNF instance" resource is in INSTANTIATED state. + Shall be returned upon the following error: The operation cannot be executed currently, due to a conflict + with the state of the resource. + + Typically, this is due to the fact that not all certificates under the “Individual Subject instance” are + either expired or have been revoked. + The response body shall contain a ProblemDetails structure, in which the "detail" attribute shall convey more information about the error. headers: @@ -606,7 +610,6 @@ components: schema: $ref: "../definitions/SOL023_def.yaml#/definitions/ProblemDetails" - ####################################################################### ################# Subscription Endpoints Response Bodies ############## ####################################################################### @@ -865,13 +868,12 @@ components: requestBodies: RegistrationRequest: description: > - Subject resource creation request. + Subject resource creation request. Defined in clause 5.6.4.2.3. content: application/json: schema: $ref: "./definitions/SOL023CertificateManagement_def.yaml#/definitions/RegistrationRequest" required: true - ####################################################################### ################# Subscription Endpoints Request Bodies ############### -- GitLab From b52cba9c1c2952e367d911c5baa0a95a1c0c9ad5 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:10:55 +0200 Subject: [PATCH 06/15] update CertificateNotification.yaml based on SOL023 v0.0.12 final draft --- .../CertificateNotification/CertificateNotification.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/SOL023/CertificateNotification/CertificateNotification.yaml b/src/SOL023/CertificateNotification/CertificateNotification.yaml index d100608..73898fc 100644 --- a/src/SOL023/CertificateNotification/CertificateNotification.yaml +++ b/src/SOL023/CertificateNotification/CertificateNotification.yaml @@ -19,8 +19,8 @@ info: version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: - description: ETSI GS NFV-SOL 023 V5.2.1 - url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + description: ETSI GS NFV-SOL 023 V5.3.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.03.01_60/gs_nfv-sol023v050301p.pdf servers: - url: http://127.0.0.1/callback/v2 -- GitLab From bf5768d555364d4edc6c482e07e28795ab5807d8 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:11:23 +0200 Subject: [PATCH 07/15] update SOL023_def.yaml based on SOL023 v0.0.12 final draft --- src/SOL023/definitions/SOL023_def.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/SOL023/definitions/SOL023_def.yaml b/src/SOL023/definitions/SOL023_def.yaml index 559a4c0..77591ea 100644 --- a/src/SOL023/definitions/SOL023_def.yaml +++ b/src/SOL023/definitions/SOL023_def.yaml @@ -197,7 +197,7 @@ definitions: subscriptions. The value of clientPassword should be generated by a random process. * NOTE 2: As a less secure alternative to OAUTH2_CLIENT_CERT which uses mutual authentication based on X.509 certificates, this mode which uses client password to authenticate may be used in the access token request - toward the authorization server (as defined by IETF RFC 6749 [7]), only to support legacy implementations + toward the authorization server (as defined by IETF RFC 6749), only to support legacy implementations (version 3.4.1 or earlier version of the present document). See clause 8.1 for more details. * NOTE 3: The following values that were included up to version 3.4.1 of the present document have been removed: "BASIC" (to signal the use of the basic HTTP authentication) has been removed because it is insecure. -- GitLab From ec5b2253d4b7cc7d4b9ebb0da47584dcc5489a97 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:11:46 +0200 Subject: [PATCH 08/15] update SOL023_resp.yaml based on SOL023 v0.0.12 final draft --- src/SOL023/responses/SOL023_resp.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/SOL023/responses/SOL023_resp.yaml b/src/SOL023/responses/SOL023_resp.yaml index 43d5494..0136c4b 100644 --- a/src/SOL023/responses/SOL023_resp.yaml +++ b/src/SOL023/responses/SOL023_resp.yaml @@ -48,7 +48,7 @@ responses: If the request is malformed or syntactically incorrect (e.g. if the request URI contains incorrect query parameters or the message content contains a syntactically incorrect data structure), the API producer shall respond with this response code. - More details are defined in IETF RFC 9110 [24]. The "ProblemDetails" structure + More details are defined in IETF RFC 9110. The "ProblemDetails" structure shall be provided, and should include in the "detail" attribute more information about the source of the problem. @@ -66,7 +66,7 @@ responses: If the request contains a malformed access token, the API producer should respond with this response. The details of the error shall be returned in the - WWW-Authenticate HTTP header, as defined in IETF RFC 6750 [8]. The + WWW-Authenticate HTTP header, as defined in IETF RFC 6750. The ProblemDetails structure may be provided. The use of this HTTP error response code described above is applicable to the use of the OAuth 2.0 for @@ -493,7 +493,7 @@ responses: If the API consumer has sent too many requests in a defined period of time and the API producer is able to detect that condition ("rate limiting"), the API producer shall respond with this response code, - following the provisions in IETF RFC 6585 [17] for the use of the "Retry-After" HTTP header. + following the provisions in IETF RFC 6585 for the use of the "Retry-After" HTTP header. The "ProblemDetails" structure shall be provided and shall include in the "detail" attribute more information about the source of the problem. -- GitLab From 906514ba59e362d544d614bcb52ac75a461c288c Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:12:24 +0200 Subject: [PATCH 09/15] update VNFLifecycleManagement.yaml based on SOL023 v0.0.12 final draft --- src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml index 1605d54..707fae8 100644 --- a/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml +++ b/src/SOL023/VNFLifecycleManagement/VNFLifecycleManagement.yaml @@ -19,8 +19,8 @@ info: version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: - description: ETSI GS NFV-SOL 023 V5.2.1 - url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + description: ETSI GS NFV-SOL 023 V5.3.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.03.01_60/gs_nfv-sol023v050301p.pdf servers: - url: http://127.0.0.1/vnflcm/v2 -- GitLab From a71f97835beb3b3d0295c4ed0d102ad8de53e154 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:13:12 +0200 Subject: [PATCH 10/15] update VNFLifecycleManagementNotification.yaml based on SOL023 v0.0.12 final draft --- .../VNFLifecycleManagementNotification.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml b/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml index 8030377..0437a7b 100644 --- a/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml +++ b/src/SOL023/VNFLifecycleManagementNotification/VNFLifecycleManagementNotification.yaml @@ -19,8 +19,8 @@ info: version: 1.0.0-impl:etsi.org:ETSI_NFV_OpenAPI:1 externalDocs: - description: ETSI GS NFV-SOL 023 V5.2.1 - url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.02.01_60/gs_nfv-sol023v050201p.pdf + description: ETSI GS NFV-SOL 023 V5.3.1 + url: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/023/05.03.01_60/gs_nfv-sol023v050301p.pdf servers: - url: http://127.0.0.1/vnflcm/v2 -- GitLab From b7c90979e02988b3b1db909f71fe613eaf3f871a Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:13:48 +0200 Subject: [PATCH 11/15] update README.md based on SOL023 v0.0.12 final draft --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 50867af..a094ed3 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # NFV SOL023 APIs -This repository hosts the [OpenAPI](https://www.openapis.org/) specifications and other documentation for the APIs defined in ETSI GS NFV-SOL 023 v5.2.1. +This repository hosts the [OpenAPI](https://www.openapis.org/) specifications and other documentation for the APIs defined in ETSI GS NFV-SOL 023 v5.3.1. The APIs described in this repository are defined for the following reference point -- GitLab From 9126a324640e1237e158ad7d4d020b983c7f97cf Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:25:36 +0200 Subject: [PATCH 12/15] fix ref issues in SOL023CertificateManagement_def.yaml --- .../SOL023CertificateManagement_def.yaml | 24 +++++++++++++++---- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 3f44e46..eec786f 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -290,8 +290,10 @@ definitions: cetificateState: description: > The state of the Certificate. - # TODO + # ToDo # $ref: "#/definitions/PKIStatusInfoType" + # ToDO: remove following ref when data model is added. + $ref: "#/definitions/TODO" certificateId: description: > The identifier of the Certificate affected. @@ -358,8 +360,10 @@ definitions: "CertificateLifecycleStateChangeNotification" and shall be absent otherwise. type: array items: - # TODO + # ToDo # $ref: "#/definitions/PKIStatusInfoType" + # ToDO: remove following ref when data model is added. + $ref: "#/definitions/TODO" certificationType: description: > Match particular certificate types. @@ -412,8 +416,10 @@ definitions: ip: description: > Information for Initialization response. - # TODO + # ToDo # $ref: "#/definitions/CertRepMessages" + # ToDO: remove following ref when data model is added. + $ref: "#/definitions/TODO" AffectedCertificate: description: > @@ -453,8 +459,10 @@ definitions: cp: description: > Information for CSR response. - # TODO + # ToDo # $ref: "#/definitions/CertRepMessages" + # ToDO: remove following ref when data model is added. + $ref: "#/definitions/TODO" CertificateNotificationVerbosityType: description: > @@ -463,4 +471,10 @@ definitions: type: string enum: - FULL - - SHORT \ No newline at end of file + - SHORT + + # Adding this datatype to pass the pipeline validation # ToDo + ToDo: + description: > + ToDO + type: string \ No newline at end of file -- GitLab From 02f03940f1513145bd07a13ae9cad7619a9159f9 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Tue, 1 Jul 2025 14:29:08 +0200 Subject: [PATCH 13/15] fix ToDo ref issues in SOL023CertificateManagement_def.yaml --- .../definitions/SOL023CertificateManagement_def.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index eec786f..4a05d37 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -293,7 +293,7 @@ definitions: # ToDo # $ref: "#/definitions/PKIStatusInfoType" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/TODO" + $ref: "#/definitions/ToDo" certificateId: description: > The identifier of the Certificate affected. @@ -363,7 +363,7 @@ definitions: # ToDo # $ref: "#/definitions/PKIStatusInfoType" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/TODO" + $ref: "#/definitions/ToDo" certificationType: description: > Match particular certificate types. @@ -419,7 +419,7 @@ definitions: # ToDo # $ref: "#/definitions/CertRepMessages" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/TODO" + $ref: "#/definitions/ToDo" AffectedCertificate: description: > @@ -462,7 +462,7 @@ definitions: # ToDo # $ref: "#/definitions/CertRepMessages" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/TODO" + $ref: "#/definitions/ToDo" CertificateNotificationVerbosityType: description: > @@ -473,8 +473,8 @@ definitions: - FULL - SHORT - # Adding this datatype to pass the pipeline validation # ToDo + # Adding this temporary datatype to pass the pipeline validation # ToDo ToDo: description: > - ToDO + ToDo type: string \ No newline at end of file -- GitLab From f9890d6641577604cc330271581a283cf0d399bc Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 2 Jul 2025 16:06:37 +0200 Subject: [PATCH 14/15] removed ToDo temporary data model --- .../SOL023CertificateManagement_def.yaml | 38 ++++++++++++------- 1 file changed, 25 insertions(+), 13 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 4a05d37..5b0cfdd 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -291,9 +291,9 @@ definitions: description: > The state of the Certificate. # ToDo - # $ref: "#/definitions/PKIStatusInfoType" + $ref: "#/definitions/PKIStatusInfoType" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/ToDo" + # $ref: "#/definitions/ToDo" certificateId: description: > The identifier of the Certificate affected. @@ -361,9 +361,9 @@ definitions: type: array items: # ToDo - # $ref: "#/definitions/PKIStatusInfoType" + $ref: "#/definitions/PKIStatusInfoType" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/ToDo" + # $ref: "#/definitions/ToDo" certificationType: description: > Match particular certificate types. @@ -417,9 +417,9 @@ definitions: description: > Information for Initialization response. # ToDo - # $ref: "#/definitions/CertRepMessages" + $ref: "#/definitions/CertRepMessages" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/ToDo" + # $ref: "#/definitions/ToDo" AffectedCertificate: description: > @@ -454,15 +454,15 @@ definitions: The structure and attributes are defined in IETF RFC 4210 and IETF RFC 9480. type: object required: - - ip + - cp properties: cp: description: > Information for CSR response. # ToDo - # $ref: "#/definitions/CertRepMessages" + $ref: "#/definitions/CertRepMessages" # ToDO: remove following ref when data model is added. - $ref: "#/definitions/ToDo" + # $ref: "#/definitions/ToDo" CertificateNotificationVerbosityType: description: > @@ -473,8 +473,20 @@ definitions: - FULL - SHORT - # Adding this temporary datatype to pass the pipeline validation # ToDo - ToDo: + # # Adding this temporary datatype to pass the pipeline validation # ToDo + # ToDo: + # description: > + # ToDo + # type: string + + # ToDo - populate PKIStatusInfoType when defined + PKIStatusInfoType: + description: > + Not provided. + type: object + + # ToDo - populate CertRepMessages when defined + CertRepMessages: description: > - ToDo - type: string \ No newline at end of file + Indicates CMPv2 CertRepMessage structure. + type: object \ No newline at end of file -- GitLab From c1cd40a03f1b3f2f8f4806b6dc2c8600c3448214 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Date: Wed, 2 Jul 2025 16:10:44 +0200 Subject: [PATCH 15/15] removed ToDo comments except for PKIStatusInfoType and CertRepMessage --- .../SOL023CertificateManagement_def.yaml | 26 +++---------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml index 5b0cfdd..d08137e 100644 --- a/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml +++ b/src/SOL023/CertificateManagement/definitions/SOL023CertificateManagement_def.yaml @@ -290,10 +290,7 @@ definitions: cetificateState: description: > The state of the Certificate. - # ToDo $ref: "#/definitions/PKIStatusInfoType" - # ToDO: remove following ref when data model is added. - # $ref: "#/definitions/ToDo" certificateId: description: > The identifier of the Certificate affected. @@ -360,10 +357,7 @@ definitions: "CertificateLifecycleStateChangeNotification" and shall be absent otherwise. type: array items: - # ToDo $ref: "#/definitions/PKIStatusInfoType" - # ToDO: remove following ref when data model is added. - # $ref: "#/definitions/ToDo" certificationType: description: > Match particular certificate types. @@ -416,10 +410,7 @@ definitions: ip: description: > Information for Initialization response. - # ToDo - $ref: "#/definitions/CertRepMessages" - # ToDO: remove following ref when data model is added. - # $ref: "#/definitions/ToDo" + $ref: "#/definitions/CertRepMessage" AffectedCertificate: description: > @@ -459,10 +450,7 @@ definitions: cp: description: > Information for CSR response. - # ToDo - $ref: "#/definitions/CertRepMessages" - # ToDO: remove following ref when data model is added. - # $ref: "#/definitions/ToDo" + $ref: "#/definitions/CertRepMessage" CertificateNotificationVerbosityType: description: > @@ -473,20 +461,14 @@ definitions: - FULL - SHORT - # # Adding this temporary datatype to pass the pipeline validation # ToDo - # ToDo: - # description: > - # ToDo - # type: string - # ToDo - populate PKIStatusInfoType when defined PKIStatusInfoType: description: > Not provided. type: object - # ToDo - populate CertRepMessages when defined - CertRepMessages: + # ToDo - populate CertRepMessage when defined + CertRepMessage: description: > Indicates CMPv2 CertRepMessage structure. type: object \ No newline at end of file -- GitLab