Feature Configuration
To configure this feature, use the following configuration. The following commands help in enabling the mTLS option along with the server name at the NF and NRF-related configurations:
config
profile nf-client
nf-type ausf
ausf-profile AUP1
locality LOC1
service type nausf-auth
endpoint-profile ep_profile_name
type EP1
locality LOC1
uri-scheme https
server-name server_name
group nrf
mgmt MGMT_name
service type nrf nnrf-nfm
endpoint-profile ep_profile_name
name mgmt-prof
uri-scheme https
server-name server_name
group nrf
discovery udmdiscovery
service type nrf nnrf-disc
endpoint-profile ep_profile_name
name EP1
uri-scheme https
server-name server_name
end
NOTES:
-
profile nf-client nf-type ausf ausf-profile AUP1 —Specify the required NF client profiles and provide the local configuration.
-
service type nausf-auth | service type nrf nnrf-nfm | service type nrf nnrf-disc —Specify the service names as per the 3GPP standards.
-
group nrf mgmt MGMT_name —Specify the NRF self-management group configurations.
-
instance instance-id instance_id —Specify the instance ID.
-
endpoint-profile ep_profile_name —Specify the endpoint-profile name.
-
uri-scheme {http | https} —Specify the uri-scheme as https. The default value is http.
-
server-name server_name —Specify the DNS name (FQDN) of the peer NF and the server-name must match the DNS attribute of the subjectAltName field in the peer NF certificates.