summaryrefslogtreecommitdiffstats
path: root/dcae-analytics/dcae-analytics-web/src/main
diff options
context:
space:
mode:
authorRemigiusz Janeczek <remigiusz.janeczek@nokia.com>2021-07-07 14:28:17 +0200
committerRemigiusz Janeczek <remigiusz.janeczek@nokia.com>2021-07-07 14:28:17 +0200
commit48669a0063a2298da1c89c6249714dd64ce8bec1 (patch)
tree01e15719d44a5657ff5cf41da7097f23c07ed74a /dcae-analytics/dcae-analytics-web/src/main
parentf19a66a6582396e2ee1297a3e5898afa77484ea9 (diff)
Fix AAI connection issues
Remove "ECOMP" from http headers Add loading of AAF TrustStore for SslContext Issue-ID: DCAEGEN2-2831 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I54dbae61f92361f1a7ecdae5f9dc8f7ab7fee46c
Diffstat (limited to 'dcae-analytics/dcae-analytics-web/src/main')
-rw-r--r--dcae-analytics/dcae-analytics-web/src/main/java/org/onap/dcae/analytics/web/http/HttpClientPreferencesCustomizer.java28
1 files changed, 28 insertions, 0 deletions
diff --git a/dcae-analytics/dcae-analytics-web/src/main/java/org/onap/dcae/analytics/web/http/HttpClientPreferencesCustomizer.java b/dcae-analytics/dcae-analytics-web/src/main/java/org/onap/dcae/analytics/web/http/HttpClientPreferencesCustomizer.java
index c5f66be..73a9539 100644
--- a/dcae-analytics/dcae-analytics-web/src/main/java/org/onap/dcae/analytics/web/http/HttpClientPreferencesCustomizer.java
+++ b/dcae-analytics/dcae-analytics-web/src/main/java/org/onap/dcae/analytics/web/http/HttpClientPreferencesCustomizer.java
@@ -20,6 +20,7 @@
package org.onap.dcae.analytics.web.http;
+import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.security.KeyManagementException;
@@ -46,6 +47,8 @@ import org.apache.http.ssl.SSLContextBuilder;
import org.onap.dcae.analytics.model.AnalyticsHttpConstants;
import org.onap.dcae.analytics.model.util.function.StringToURLFunction;
import org.onap.dcae.analytics.web.util.AnalyticsWebUtils;
+import org.onap.dcaegen2.services.sdk.security.ssl.Password;
+import org.onap.dcaegen2.services.sdk.security.ssl.Passwords;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.web.client.RestTemplateCustomizer;
@@ -221,6 +224,7 @@ public class HttpClientPreferencesCustomizer<T extends HttpClientPreferences> im
if (!ignoreSSLValidation) {
logger.info("SSL Validation will be enforced for Http Client Id: {}", httpClientId);
+ setSslContextFromEnvironment(httpClientBuilder);
return;
}
@@ -236,6 +240,30 @@ public class HttpClientPreferencesCustomizer<T extends HttpClientPreferences> im
}
+ private void setSslContextFromEnvironment(HttpClientBuilder httpClientBuilder) {
+ final String caCertPath = System.getenv("DCAE_CA_CERTPATH");
+ if (!StringUtils.hasText(caCertPath)) {
+ return;
+ }
+ final SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
+ final String truststoreFilename = "trust.jks";
+ final String truststorePassFilename = "trust.pass";
+ final String certDirPath = caCertPath.substring(0, caCertPath.lastIndexOf("/"));
+ final File truststoreFile = new File(certDirPath, truststoreFilename);
+ final File truststorePassFile = new File(certDirPath, truststorePassFilename);
+ final Password password = Passwords.fromFile(truststorePassFile);
+ password.use(chars -> {
+ try {
+ sslContextBuilder.loadTrustMaterial(truststoreFile, chars);
+ httpClientBuilder.setSSLContext(sslContextBuilder.build());
+ } catch (NoSuchAlgorithmException | KeyStoreException | CertificateException | IOException |
+ KeyManagementException e) {
+ logger.warn("Could not load trusted certificates from environment");
+ }
+ return null;
+ });
+ }
+
/**
* Header Request Interceptor adds defaults headers if not set explicitly