Feature Configuration

To configure this feature, use the following configuration. The following commands help in enabling the mTLS option along with the server name at the NF and NRF-related configurations:

config 
    profile nf-client 
        nf-type ausf 
            ausf-profile AUP1 
            locality LOC1 
            service type nausf-auth 
            endpoint-profile ep_profile_name 
                type EP1 
                locality LOC1 
                uri-scheme https 
                server-name server_name 
    group nrf 
        mgmt MGMT_name 
            service type nrf nnrf-nfm 
            endpoint-profile ep_profile_name 
                name mgmt-prof 
                uri-scheme https 
                server-name server_name 
    group nrf 
        discovery udmdiscovery 
            service type nrf nnrf-disc 
            endpoint-profile ep_profile_name 
                name EP1 
                uri-scheme https 
                server-name server_name 
                end 

NOTES:

  • profile nf-client nf-type ausf ausf-profile AUP1 —Specify the required NF client profiles and provide the local configuration.

  • service type nausf-auth | service type nrf nnrf-nfm | service type nrf nnrf-disc —Specify the service names as per the 3GPP standards.

  • group nrf mgmt MGMT_name —Specify the NRF self-management group configurations.

  • instance instance-id instance_id —Specify the instance ID.

  • endpoint-profile ep_profile_name —Specify the endpoint-profile name.

  • uri-scheme {http | https} —Specify the uri-scheme as https. The default value is http.

  • server-name server_name —Specify the DNS name (FQDN) of the peer NF and the server-name must match the DNS attribute of the subjectAltName field in the peer NF certificates.