From ca315932268e1c5da6a12201db4cfaef35df69bb Mon Sep 17 00:00:00 2001 From: PatrikBuhr Date: Thu, 11 Aug 2022 09:03:24 +0200 Subject: NONRTRIC PMS, updated certs Updated certificate (which was expired). Issue-ID: CCSDK-3683 Signed-off-by: PatrikBuhr Change-Id: I373bf34bc0a1bb0b5b5ff00f0f98da080ba794ff --- a1-policy-management/config/README | 6 ++++-- a1-policy-management/config/keystore.jks | Bin 4779 -> 5269 bytes a1-policy-management/config/truststore.jks | Bin 3587 -> 3869 bytes .../controllers/v2/ApplicationTest.java | 10 ++++++---- a1-policy-management/src/test/resources/keystore.jks | Bin 5019 -> 0 bytes .../src/test/resources/truststore.jks | Bin 3699 -> 0 bytes 6 files changed, 10 insertions(+), 6 deletions(-) delete mode 100644 a1-policy-management/src/test/resources/keystore.jks delete mode 100644 a1-policy-management/src/test/resources/truststore.jks diff --git a/a1-policy-management/config/README b/a1-policy-management/config/README index b54a6751..42e0b7bd 100644 --- a/a1-policy-management/config/README +++ b/a1-policy-management/config/README @@ -3,13 +3,15 @@ The keystore.jks and truststore.jks files are created by using the following com 1) Create a CA certificate and a private key: openssl genrsa -des3 -out CA-key.pem 2048 -openssl req -new -key CA-key.pem -x509 -days 1000 -out CA-cert.pem +openssl req -new -key CA-key.pem -x509 -days 3600 -out CA-cert.pem 2) Create a keystore with a private key entry that is signed by the CA: +Note: the "your name" must be "localhost" for the unittest to work. + keytool -genkeypair -alias policy_agent -keyalg RSA -keysize 2048 -keystore keystore.jks -validity 3650 -storepass policy_agent keytool -certreq -alias policy_agent -file request.csr -keystore keystore.jks -ext san=dns:your.domain.com -storepass policy_agent -openssl x509 -req -days 365 -in request.csr -CA CA-cert.pem -CAkey CA-key.pem -CAcreateserial -out ca_signed-cert.pem +openssl x509 -req -days 3650 -in request.csr -CA CA-cert.pem -CAkey CA-key.pem -CAcreateserial -out ca_signed-cert.pem keytool -importcert -alias ca_cert -file CA-cert.pem -keystore keystore.jks -trustcacerts -storepass policy_agent keytool -importcert -alias policy_agent -file ca_signed-cert.pem -keystore keystore.jks -trustcacerts -storepass policy_agent diff --git a/a1-policy-management/config/keystore.jks b/a1-policy-management/config/keystore.jks index 48c3b33c..563c67b3 100644 Binary files a/a1-policy-management/config/keystore.jks and b/a1-policy-management/config/keystore.jks differ diff --git a/a1-policy-management/config/truststore.jks b/a1-policy-management/config/truststore.jks index 760261eb..50a0f9e9 100644 Binary files a/a1-policy-management/config/truststore.jks and b/a1-policy-management/config/truststore.jks differ diff --git a/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ApplicationTest.java b/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ApplicationTest.java index b4fe10a9..04845244 100644 --- a/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ApplicationTest.java +++ b/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ApplicationTest.java @@ -95,8 +95,8 @@ import reactor.util.annotation.Nullable; @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) @TestPropertySource(properties = { // - "server.ssl.key-store=./src/test/resources/keystore.jks", // - "app.webclient.trust-store=./src/test/resources/truststore.jks", // + "server.ssl.key-store=./config/keystore.jks", // + "app.webclient.trust-store=./config/truststore.jks", // "app.webclient.trust-store-used=true", // "app.vardata-directory=./target/testdata", // "app.filepath=" // @@ -314,8 +314,10 @@ class ApplicationTest { @Test void testTrustValidation() { addRic("ric1"); + String rsp = restClient(true).get("/rics").block(); // restClient(true) enables trust validation assertThat(rsp).contains("ric1"); + } @Test @@ -929,8 +931,8 @@ class ApplicationTest { for (int i = 0; i < 10; ++i) { AsyncRestClient restClient = restClient(); - ConcurrencyTestRunnable test = - new ConcurrencyTestRunnable(restClient, supervision, a1ClientFactory, rics, policyTypes); + ConcurrencyTestRunnable test = new ConcurrencyTestRunnable(restClient, supervision, a1ClientFactory, rics, + policyTypes); Thread thread = new Thread(test, "TestThread_" + i); thread.start(); threads.add(thread); diff --git a/a1-policy-management/src/test/resources/keystore.jks b/a1-policy-management/src/test/resources/keystore.jks deleted file mode 100644 index 675785b4..00000000 Binary files a/a1-policy-management/src/test/resources/keystore.jks and /dev/null differ diff --git a/a1-policy-management/src/test/resources/truststore.jks b/a1-policy-management/src/test/resources/truststore.jks deleted file mode 100644 index e883cd67..00000000 Binary files a/a1-policy-management/src/test/resources/truststore.jks and /dev/null differ -- cgit 1.2.3-korg