From 30cd384dd2ea48ad3be9c6595cc1b43fe2318e4a Mon Sep 17 00:00:00 2001
From: Kiran Kamineni
Date: Mon, 14 May 2018 14:40:03 -0700
Subject: Adding updated certs and encryption Adding new SAN certificates from AAF Adding encrypted storage for certificates Moving certificates to different folder during deployment. certs vs auth
Issue-ID: AAF-284
Change-Id: Ic0c3972556b36f773c7a653059eccd077624e4b6
Signed-off-by: Kiran Kamineni
---
 sms-service/bin/build_quorum_image.sh | 2 +-
 sms-service/bin/build_sms_image.sh | 12 ++++++------
 sms-service/bin/deploy/quorumconfig.json | 5 ++---
 sms-service/bin/deploy/sms.sh | 13 +++++++------
 sms-service/bin/deploy/smsconfig.json | 7 ++++---
 sms-service/bin/quorumdockerfile | 2 +-
 sms-service/bin/smsdockerfile | 6 +++---
 7 files changed, 24 insertions(+), 23 deletions(-)
(limited to 'sms-service/bin')
diff --git a/sms-service/bin/build_quorum_image.sh b/sms-service/bin/build_quorum_image.sh
index b26accf..72932e5 100755
--- a/sms-service/bin/build_quorum_image.sh
+++ b/sms-service/bin/build_quorum_image.sh
@@ -28,7 +28,7 @@ function generate_binary {
 }
 function copy_certificates {
- cp ../src/sms/auth/aaf_root_ca.cer .
+ cp ../src/sms/certs/aaf_root_ca.cer .
 }
 function cleanup {
diff --git a/sms-service/bin/build_sms_image.sh b/sms-service/bin/build_sms_image.sh
index 46685b6..2a98709 100755
--- a/sms-service/bin/build_sms_image.sh
+++ b/sms-service/bin/build_sms_image.sh
@@ -28,16 +28,16 @@ function generate_binary {
 }
 function copy_certificates {
- cp ../src/sms/auth/aaf_root_ca.cer .
- cp ../src/sms/auth/aaf-sms.api.simpledemo.onap.org.pem .
- cp ../src/sms/auth/aaf-sms.api.simpledemo.onap.org.pr .
+ cp ../src/sms/certs/aaf_root_ca.cer .
+ cp ../src/sms/certs/aaf-sms.pub .
+ cp ../src/sms/certs/aaf-sms.pr .
 }
 function cleanup {
 rm sms
- rm aaf-sms.api.simpledemo.onap.org.pem
- rm aaf-sms.api.simpledemo.onap.org.pr
- rm aaf_root_ca.cer
+ rm aaf-sms.pub
+ rm aaf-sms.pr
+ rm aaf_root_ca.cer
 }
 function build_image {
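Review bot: In build_sms_image.sh, `copy_certificates` now places the private key `aaf-sms.pr` in the build directory and only `cleanup` removes it, so a build that fails before `cleanup` runs leaves the key behind; no `trap` is visible, though the rest of the script is outside the hunk. Registering `trap cleanup EXIT` and making the removal idempotent with `rm -f -- sms aaf-sms.pub aaf-sms.pr aaf_root_ca.cer` would cover the failure path. The three `cp` calls are also unchecked, so `cp ../src/sms/certs/aaf-sms.pr . || exit 1` (or `set -e`, if the script does not already use it) would stop the build when a certificate file is missing.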
diff --git a/sms-service/bin/deploy/quorumconfig.json b/sms-service/bin/deploy/quorumconfig.json
index d2f647f..696fec6 100644
--- a/sms-service/bin/deploy/quorumconfig.json
+++ b/sms-service/bin/deploy/quorumconfig.json
@@ -1,7 +1,6 @@
 {
- "url":"https://sms-service:10443",
- "servername":"aaf-sms.api.simpledemo.onap.org",
- "cafile":"cert/aaf_root_ca.cer",
+ "url":"https://aaf-sms.onap:10443",
+ "cafile":"certs/aaf_root_ca.cer",
 "clientcert":"client.cert",
 "clientkey":"client.key",
 "timeout":"10s"
diff --git a/sms-service/bin/deploy/sms.sh b/sms-service/bin/deploy/sms.sh
index 3a6153c..a7eca69 100755
--- a/sms-service/bin/deploy/sms.sh
+++ b/sms-service/bin/deploy/sms.sh
@@ -69,13 +69,14 @@ docker cp vault.json sms-vault:/vault/config/config.json;
 docker start sms-vault;
 # Start SMS
-docker create --rm --name sms-service --network sms-net \
---hostname sms-service -p "10443:10443" \
+# Matching hostname with cert name
+docker create --rm --name aaf-sms.onap --network sms-net \
+--hostname aaf-sms.onap -p "10443:10443" \
 -v sms-service:/sms/auth \
 ${SMS_IMG};
-docker cp smsconfig.json sms-service:/sms/smsconfig.json
-docker start sms-service
+docker cp smsconfig.json aaf-sms.onap:/sms/smsconfig.json
+docker start aaf-sms.onap
 # Start 3 Quorum Clients
 for i in {0..2}
@@ -96,7 +97,7 @@ fi
 # Shutdown and clean up.
 if [ "$1" = "stop" ]; then
-docker stop sms-vault sms-consul sms-service;
+docker stop sms-vault sms-consul aaf-sms.onap;
 for i in {0..2}; do
 docker stop sms-quorum-$i
 done
@@ -110,4 +111,4 @@ fi
 if [ $SS = 0 ]; then
 echo "Please type ${0} start or ${0} stop"
-fi
\ No newline at end of file
+fi
diff --git a/sms-service/bin/deploy/smsconfig.json b/sms-service/bin/deploy/smsconfig.json
index 4c3cf3c..df446eb 100644
--- a/sms-service/bin/deploy/smsconfig.json
+++ b/sms-service/bin/deploy/smsconfig.json
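Review bot: In the first sms.sh hunk the literal `aaf-sms.onap` now has to stay identical in `--name`, `--hostname`, `docker cp` and `docker start` (and in `docker stop` in the second hunk), as well as in the `url` of quorumconfig.json, which no longer sets `servername`. If any of them drifts from the name in the server certificate, TLS verification by the quorum clients will presumably fail, and the usual shortcut is to switch verification off. Defining `SMS_HOST=aaf-sms.onap` once near the top and using `"${SMS_HOST}"` in those commands would keep them in step, and the comment could say why: `# Container name/hostname must equal a SAN in certs/aaf-sms.pub; clients verify it`. Whether the new certificate actually carries that SAN is not visible on this page.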
@@ -1,7 +1,8 @@
 {
- "cafile": "cert/aaf_root_ca.cer",
- "servercert": "cert/aaf-sms.api.simpledemo.onap.org.pem",
- "serverkey": "cert/aaf-sms.api.simpledemo.onap.org.pr",
+ "cafile": "certs/aaf_root_ca.cer",
+ "servercert": "certs/aaf-sms.pub",
+ "serverkey": "certs/aaf-sms.pr",
+ "password": "c2VjcmV0bWFuYWdlbWVudHNlcnZpY2VzZWNyZXRwYXNzd29yZA==",
 "smsdbaddress": "http://sms-vault:8200"
 }
diff --git a/sms-service/bin/quorumdockerfile b/sms-service/bin/quorumdockerfile
index 3b787d7..2874b7a 100644
--- a/sms-service/bin/quorumdockerfile
+++ b/sms-service/bin/quorumdockerfile
@@ -5,7 +5,7 @@ LABEL version=2.0.0
 LABEL maintainer="Girish Havaldar "
 RUN mkdir -p /quorumclient/auth
-ADD aaf_root_ca.cer /quorumclient/cert/aaf_root_ca.cer
+ADD aaf_root_ca.cer /quorumclient/certs/aaf_root_ca.cer
 ADD quorumclient /quorumclient/bin/quorumclient
 RUN chmod +x /quorumclient/bin/quorumclient
diff --git a/sms-service/bin/smsdockerfile b/sms-service/bin/smsdockerfile
index 14327dc..19ce84f 100644
--- a/sms-service/bin/smsdockerfile
+++ b/sms-service/bin/smsdockerfile
@@ -7,9 +7,9 @@ LABEL maintainer="vamshi krishna "
 EXPOSE 10443
 RUN mkdir -p /sms/auth
-ADD aaf_root_ca.cer /sms/cert/aaf_root_ca.cer
-ADD aaf-sms.api.simpledemo.onap.org.pem /sms/cert/aaf-sms.api.simpledemo.onap.org.pem
-ADD aaf-sms.api.simpledemo.onap.org.pr /sms/cert/aaf-sms.api.simpledemo.onap.org.pr
+ADD aaf_root_ca.cer /sms/certs/aaf_root_ca.cer
+ADD aaf-sms.pub /sms/certs/aaf-sms.pub
+ADD aaf-sms.pr /sms/certs/aaf-sms.pr
 ADD sms /sms/bin/sms
 RUN chmod +x /sms/bin/sms
-- 
cgit 1.2.3-korg
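Review bot: The added `"password"` value in smsconfig.json is base64, which is an encoding and not protection, so anyone who can read the repository or the deployed /sms/smsconfig.json recovers the passphrase. Going by the commit message it presumably unlocks the encrypted key `certs/aaf-sms.pr`, which ships alongside it, so the encryption adds little while both travel together. Prefer supplying the passphrase at deploy time (an environment variable or a file that sms.sh mounts into the container) and committing only a placeholder such as `"password": "<set-at-deploy-time>"`. JSON cannot carry a comment, so the expected encoding and source of this field should be described in the deployment README.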
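Review bot: In smsdockerfile, `ADD aaf-sms.pr /sms/certs/aaf-sms.pr` stores the server private key in an image layer, so everyone who can pull the image or inspect its layers obtains the key, and rotating it requires a rebuild. Consider keeping the key out of the image and mounting it at run time (sms.sh already mounts a volume at /sms/auth), or at minimum restrict it with `RUN chmod 600 /sms/certs/aaf-sms.pr` and use `COPY` instead of `ADD` for plain local files. The unchanged `RUN mkdir -p /sms/auth` no longer names the directory the certificates go to; a one-line comment such as `# /sms/certs: baked-in certificates, /sms/auth: runtime volume` would make the split clear, if that is the intent.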