Skip to content
This repository has been archived by the owner on Jan 25, 2024. It is now read-only.

Files

Latest commit

 

History

History

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 

Certificate Order - DNS Domain Validation sample for Akamai

Prerequisites

  1. An instance of IBM Cloud Certificate Manager
  2. Account in Akamai

Note: Before you can work with DNS records in Akamai, make sure to request appropriate access permissions from the account owner.

Configuration

IBM Cloud Function action

  1. Clone the sample code
git clone https://github.com/ibm-cloud-security/certificate-manager-domain-validation-cloud-function-sample
  1. Enter the AkamaiSmaple directory
cd AkamaiSample/
  1. Install the package
npm install package-lock.json
  1. Compress the content
zip -r action.zip *
  1. Follow this doc to install the CLI and plug-in, https://cloud.ibm.com/docs/openwhisk?topic=openwhisk-cli_install

  2. Login IBM cloud

ibmcloud login --sso
  1. Create a new namespace
ibmcloud fn namespace create DNSCertManagerNS
  1. Target to the new namespace
ibmcloud fn namespace target DNSCertManagerNS
  1. Create a cloud function action and upload the sample code
ibmcloud fn action create AkamaiCertManagerAction action.zip --kind nodejs:12

And you can also update the code with this cmd:

ibmcloud fn action update AkamaiCertManagerAction action.zip --kind nodejs:12
  1. Bind parameters to the action

Select Parameters from the sidebar, and add the following:

1. `allowedCertificateManagerCRNs` - a JSON Object containing a list of Certificate Manager instances that are allowed to invoke this function.
    Apply it in order to protect your cloud function from being invoked by unauthorized clients.  
    E.g. `{"crn:v1:bluemix:public:cloudcerts:us-south:a....":true,"crn:v1:bluemix:public:cloudcerts:eu-de:a...":true}`

    * Find your Certificate Manager instance CRN from the Settings sidebar item
    * Or from CLI: `ibmcloud resource service-instance [INSTANCE NAME]`, grab the `ID` value

2. `cmRegion` - your Certificate Manager service instance region value. Can be one of: `us-south`, `eu-gb`, `eu-de`, `jp-tok`  
    E.g. `"us-south"`

3. `host` - The Akamai API endpoint hostname. (Get from Akamai client credential)

4. `client_token` - The client token for Akamai API calling. (Get from Akamai client credential)

5. `client_secret` - The client secret for Akamai API calling. (Get from Akamai client credential)

6. `access_token` - The access token for Akamai API calling. (Get from Akamai client credential)

     * Refer to [this guidance](https://developer.akamai.com/api/getting-started#authsetup) to create the Akamai client credential for API calling.