diff options
author | Michael Arrastia <MArrasti@amdocs.com> | 2018-11-08 16:57:56 +0000 |
---|---|---|
committer | Michael Arrastia <MArrasti@amdocs.com> | 2018-11-09 13:49:40 +0000 |
commit | d3e1728b11f11d3979f04be1773e338416090d77 (patch) | |
tree | 0c81e2b8d68e6a089a6fa9ef312536f5669e6a59 /sidecar/fproxy/src/main/java/org/onap/aaf/cadi/sidecar/fproxy/RestTemplateConfig.java | |
parent | 60985cb838d78c1a7f3853ee355ee5b974cc72bd (diff) |
Update FProxy to separate truststore and keystore
* Create default truststore, fproxy_truststore.
* Require TRUST_STORE_PASSWORD system parameter on application start.
* Harden parameter checks in FProxyApplication PostConstruct.
* Rationalise properties in RestTemplateConfig.
* Update unit tests to handle trust store.
* Correct spring dependency in pom.
Change-Id: I0254e5d27ff76bbd7a44b961169d7fe47761d3f9
Issue-ID: AAF-614
Signed-off-by: Michael Arrastia <MArrasti@amdocs.com>
Diffstat (limited to 'sidecar/fproxy/src/main/java/org/onap/aaf/cadi/sidecar/fproxy/RestTemplateConfig.java')
-rw-r--r-- | sidecar/fproxy/src/main/java/org/onap/aaf/cadi/sidecar/fproxy/RestTemplateConfig.java | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/sidecar/fproxy/src/main/java/org/onap/aaf/cadi/sidecar/fproxy/RestTemplateConfig.java b/sidecar/fproxy/src/main/java/org/onap/aaf/cadi/sidecar/fproxy/RestTemplateConfig.java index 23f3471..33ecb7e 100644 --- a/sidecar/fproxy/src/main/java/org/onap/aaf/cadi/sidecar/fproxy/RestTemplateConfig.java +++ b/sidecar/fproxy/src/main/java/org/onap/aaf/cadi/sidecar/fproxy/RestTemplateConfig.java @@ -45,11 +45,11 @@ public class RestTemplateConfig { @Value("${server.ssl.client-cert-password}") private String clientCertPassword; - @Value("${server.ssl.key-store}") - private String keystorePath; + @Value("${server.ssl.trust-store}") + private String trustStorePath; - @Value("${server.ssl.key-store-password}") - private String keystorePassword; + @Value("${server.ssl.trust-store-password}") + private String trustStorePassword; @Profile("secure") @Bean @@ -66,11 +66,11 @@ public class RestTemplateConfig { } private HttpClientBuilder getClientBuilder() throws GeneralSecurityException, IOException { + char[] clientPassword = Password.deobfuscate(clientCertPassword).toCharArray(); SSLContext sslContext = SSLContextBuilder.create() - .loadKeyMaterial(ResourceUtils.getFile(clientCertPath), Password.deobfuscate(clientCertPassword).toCharArray(), - keystorePassword.toCharArray()) - .loadTrustMaterial(ResourceUtils.getFile(keystorePath), keystorePassword.toCharArray()).build(); + .loadKeyMaterial(ResourceUtils.getFile(clientCertPath), clientPassword, clientPassword) + .loadTrustMaterial(ResourceUtils.getFile(trustStorePath), trustStorePassword.toCharArray()).build(); return HttpClients.custom().setSSLContext(sslContext); } |