diff options
| author |   Kiran Kamineni <kiran.k.kamineni@intel.com> | 2018-05-14 14:40:03 -0700 |
|---|---|---|
| committer |   Girish Havaldar <hg0071052@techmahindra.com> | 2018-05-15 04:25:49 +0000 |
| commit | 30cd384dd2ea48ad3be9c6595cc1b43fe2318e4a (patch) | |
| tree | 23d2f7f99a39b90d1e7d7274ef1007ff6c89ad3c /sms-service/bin | |
| parent | 9f98749e160474ce06214530a4c05dbf3468f5cc (diff) | |
Adding updated certs and encryption
Adding new SAN certificates from AAF
Adding encrypted storage for certificates
Moving certificates to different folder during
deployment. certs vs auth
Issue-ID: AAF-284
Change-Id: Ic0c3972556b36f773c7a653059eccd077624e4b6
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
Diffstat (limited to 'sms-service/bin')
| -rwxr-xr-x | sms-service/bin/build_quorum_image.sh | 2 | ||||
| -rwxr-xr-x | sms-service/bin/build_sms_image.sh | 12 | ||||
| -rw-r--r-- | sms-service/bin/deploy/quorumconfig.json | 5 | ||||
| -rwxr-xr-x | sms-service/bin/deploy/sms.sh | 13 | ||||
| -rw-r--r-- | sms-service/bin/deploy/smsconfig.json | 7 | ||||
| -rw-r--r-- | sms-service/bin/quorumdockerfile | 2 | ||||
| -rw-r--r-- | sms-service/bin/smsdockerfile | 6 |
7 files changed, 24 insertions, 23 deletions
diff --git a/sms-service/bin/build_quorum_image.sh b/sms-service/bin/build_quorum_image.sh index b26accf..72932e5 100755 --- a/sms-service/bin/build_quorum_image.sh +++ b/sms-service/bin/build_quorum_image.sh @@ -28,7 +28,7 @@ function generate_binary { } function copy_certificates { - cp ../src/sms/auth/aaf_root_ca.cer . + cp ../src/sms/certs/aaf_root_ca.cer . } function cleanup { diff --git a/sms-service/bin/build_sms_image.sh b/sms-service/bin/build_sms_image.sh index 46685b6..2a98709 100755 --- a/sms-service/bin/build_sms_image.sh +++ b/sms-service/bin/build_sms_image.sh @@ -28,16 +28,16 @@ function generate_binary { } function copy_certificates { - cp ../src/sms/auth/aaf_root_ca.cer . - cp ../src/sms/auth/aaf-sms.api.simpledemo.onap.org.pem . - cp ../src/sms/auth/aaf-sms.api.simpledemo.onap.org.pr . + cp ../src/sms/certs/aaf_root_ca.cer . + cp ../src/sms/certs/aaf-sms.pub . + cp ../src/sms/certs/aaf-sms.pr . } function cleanup { rm sms - rm aaf-sms.api.simpledemo.onap.org.pem - rm aaf-sms.api.simpledemo.onap.org.pr - rm aaf_root_ca.cer + rm aaf-sms.pub + rm aaf-sms.pr + rm aaf_root_ca.cer } function build_image { diff --git a/sms-service/bin/deploy/quorumconfig.json b/sms-service/bin/deploy/quorumconfig.json index d2f647f..696fec6 100644 --- a/sms-service/bin/deploy/quorumconfig.json +++ b/sms-service/bin/deploy/quorumconfig.json @@ -1,7 +1,6 @@ { - "url":"https://sms-service:10443", - "servername":"aaf-sms.api.simpledemo.onap.org", - "cafile":"cert/aaf_root_ca.cer", + "url":"https://aaf-sms.onap:10443", + "cafile":"certs/aaf_root_ca.cer", "clientcert":"client.cert", "clientkey":"client.key", "timeout":"10s" diff --git a/sms-service/bin/deploy/sms.sh b/sms-service/bin/deploy/sms.sh index 3a6153c..a7eca69 100755 --- a/sms-service/bin/deploy/sms.sh +++ b/sms-service/bin/deploy/sms.sh @@ -69,13 +69,14 @@ docker cp vault.json sms-vault:/vault/config/config.json; docker start sms-vault; # Start SMS -docker create --rm --name sms-service --network sms-net \ ---hostname sms-service -p "10443:10443" \ +# Matching hostname with cert name +docker create --rm --name aaf-sms.onap --network sms-net \ +--hostname aaf-sms.onap -p "10443:10443" \ -v sms-service:/sms/auth \ ${SMS_IMG}; -docker cp smsconfig.json sms-service:/sms/smsconfig.json -docker start sms-service +docker cp smsconfig.json aaf-sms.onap:/sms/smsconfig.json +docker start aaf-sms.onap # Start 3 Quorum Clients for i in {0..2} @@ -96,7 +97,7 @@ fi # Shutdown and clean up. if [ "$1" = "stop" ]; then -docker stop sms-vault sms-consul sms-service; +docker stop sms-vault sms-consul aaf-sms.onap; for i in {0..2}; do docker stop sms-quorum-$i done @@ -110,4 +111,4 @@ fi if [ $SS = 0 ]; then echo "Please type ${0} start or ${0} stop" -fi
\ No newline at end of file +fi diff --git a/sms-service/bin/deploy/smsconfig.json b/sms-service/bin/deploy/smsconfig.json index 4c3cf3c..df446eb 100644 --- a/sms-service/bin/deploy/smsconfig.json +++ b/sms-service/bin/deploy/smsconfig.json @@ -1,7 +1,8 @@ { - "cafile": "cert/aaf_root_ca.cer", - "servercert": "cert/aaf-sms.api.simpledemo.onap.org.pem", - "serverkey": "cert/aaf-sms.api.simpledemo.onap.org.pr", + "cafile": "certs/aaf_root_ca.cer", + "servercert": "certs/aaf-sms.pub", + "serverkey": "certs/aaf-sms.pr", + "password": "c2VjcmV0bWFuYWdlbWVudHNlcnZpY2VzZWNyZXRwYXNzd29yZA==", "smsdbaddress": "http://sms-vault:8200" } diff --git a/sms-service/bin/quorumdockerfile b/sms-service/bin/quorumdockerfile index 3b787d7..2874b7a 100644 --- a/sms-service/bin/quorumdockerfile +++ b/sms-service/bin/quorumdockerfile @@ -5,7 +5,7 @@ LABEL version=2.0.0 LABEL maintainer="Girish Havaldar <hg0071052@techmahindra.com>" RUN mkdir -p /quorumclient/auth -ADD aaf_root_ca.cer /quorumclient/cert/aaf_root_ca.cer +ADD aaf_root_ca.cer /quorumclient/certs/aaf_root_ca.cer ADD quorumclient /quorumclient/bin/quorumclient RUN chmod +x /quorumclient/bin/quorumclient diff --git a/sms-service/bin/smsdockerfile b/sms-service/bin/smsdockerfile index 14327dc..19ce84f 100644 --- a/sms-service/bin/smsdockerfile +++ b/sms-service/bin/smsdockerfile @@ -7,9 +7,9 @@ LABEL maintainer="vamshi krishna <vn00480215@techmahindra.com>" EXPOSE 10443 RUN mkdir -p /sms/auth -ADD aaf_root_ca.cer /sms/cert/aaf_root_ca.cer -ADD aaf-sms.api.simpledemo.onap.org.pem /sms/cert/aaf-sms.api.simpledemo.onap.org.pem -ADD aaf-sms.api.simpledemo.onap.org.pr /sms/cert/aaf-sms.api.simpledemo.onap.org.pr +ADD aaf_root_ca.cer /sms/certs/aaf_root_ca.cer +ADD aaf-sms.pub /sms/certs/aaf-sms.pub +ADD aaf-sms.pr /sms/certs/aaf-sms.pr ADD sms /sms/bin/sms RUN chmod +x /sms/bin/sms |