From b81c681cb6be761a2abb5e2f5af1b923bef1f6b4 Mon Sep 17 00:00:00 2001
From: awudzins <adam.wudzinski@nokia.com>
Date: Fri, 13 Mar 2020 16:54:18 +0100
Subject: Switch client and server to communicate over TLS
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Issue-ID: AAF-1084
Signed-off-by: Adam Wudziński <adam.wudzinski@nokia.com>
Change-Id: I7f11b27c7dcdf4fc3eba2d5e64b6dc775c80dd74
---
 docker-compose.yml | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

(limited to 'docker-compose.yml')

diff --git a/docker-compose.yml b/docker-compose.yml
index 851ad317..1ce8ed48 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -18,16 +18,25 @@ services:
     networks:
       - certservice
 
-  certservice:
+  aaf-cert-service:
     image: onap/org.onap.aaf.certservice.aaf-certservice-api:latest
-    container_name: aafcert-service
     volumes:
       - ./certService/helm/aaf-cert-service/resources/cmpServers.json:/etc/onap/aaf/certservice/cmpServers.json
+      - ./certs/truststore.jks:/etc/onap/aaf/certservice/certs/truststore.jks
+      - ./certs/root.crt:/etc/onap/aaf/certservice/certs/root.crt
+      - ./certs/certServiceServer-keystore.jks:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.jks
+      - ./certs/certServiceServer-keystore.p12:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12
+    container_name: aafcert-service
     ports:
-      - "8080:8080"
+      - "8443:8443"
     depends_on:
       ejbca:
         condition: service_healthy
+    healthcheck:
+      test: ["CMD-SHELL", "curl https://localhost:8443/actuator/health --cacert /etc/onap/aaf/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12 --pass secret"]
+      interval: 10s
+      timeout: 3s
+      retries: 15
     networks:
       - certservice
 
-- 
cgit 1.2.3-korg