From 863dfe2206ec754c58acd5317e611e037d751a82 Mon Sep 17 00:00:00 2001 From: Kiran Kamineni Date: Mon, 30 Apr 2018 11:14:19 -0700 Subject: Using SNI for service names to support k8s Using SNI in quorum client connection to connect to SMS service via https Issue-ID: AAF-265 Change-Id: I5108e9d734f11a4f74c41a41a2d8cd2f72c62b36 Signed-off-by: Kiran Kamineni --- sms-service/src/quorumclient/config.json | 1 + sms-service/src/quorumclient/quorumclient.go | 19 +++++++++++++------ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/sms-service/src/quorumclient/config.json b/sms-service/src/quorumclient/config.json index 53cbf41..9afe723 100644 --- a/sms-service/src/quorumclient/config.json +++ b/sms-service/src/quorumclient/config.json @@ -1,5 +1,6 @@ { "url":"https://aaf-sms:10443", + "servername":"aaf-sms.api.simpledemo.onap.org", "cafile": "cert/aaf_root_ca.cer", "clientcert":"client.cert", "clientkey":"client.key", diff --git a/sms-service/src/quorumclient/quorumclient.go b/sms-service/src/quorumclient/quorumclient.go index 9db6da8..9ef8f00 100644 --- a/sms-service/src/quorumclient/quorumclient.go +++ b/sms-service/src/quorumclient/quorumclient.go @@ -105,12 +105,13 @@ func main() { //Struct to read json configuration file type config struct { - BackEndURL string `json:"url"` - CAFile string `json:"cafile"` - ClientCert string `json:"clientcert"` - ClientKey string `json:"clientkey"` - TimeOut string `json:"timeout"` - DisableTLS bool `json:"disable_tls"` + BackEndURL string `json:"url"` + BackendServerName string `json:"servername"` + CAFile string `json:"cafile"` + ClientCert string `json:"clientcert"` + ClientKey string `json:"clientkey"` + TimeOut string `json:"timeout"` + DisableTLS bool `json:"disable_tls"` } //Load the config File for reading @@ -155,6 +156,12 @@ func main() { } } + // Allow https connection in k8s where servername does not match + // certificate server name + if cfg.BackendServerName != "" { + transport.TLSClientConfig.ServerName = cfg.BackendServerName + } + client := &http.Client{ Transport: &transport, } -- cgit 1.2.3-korg