Versions Compared

Version Old Version 2 New Version Current
Changes made by

Freddi Gyara

David Plews

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Section

Certificate

Steps

Additional Information to be Supplied by LFI

Transport Client Certificate

C3

This certificate is used by Ozone to recognise the LFI when it calls the hh and cm

These steps are repeated for C3 S4 Sig3 Sig4

  1. LFIto generate private key for the server certificate.

  2. Ozone will provide the subject for the certificate.

  3. LFI to generate CSR with subject details as provided.

  4. LFI will generate the certificate from OFTF directory.

  5. Ozone to deploy.

Code Block
Cert Subject
Code Block
JWKS URL

Transport Server Certificate

S4

The certificate is used by the LFI to identify its Ozone Connect service to OFP.

Code Block
Cert Subject
Code Block
JWKS URL

Signing Certificate

Sig3Sig4

Used by the LFI to sign requests and responses sent to OFP.

This is used to sign the jwt-auth header for:

  • Ozone Connect responses

  • hh-pub requests

  • cm-pub requests

LFI will use the public key in the JWKS to verify the signature.

Code Block
Cert Subject
Code Block
JWKS URL

...