Updating certificates

Issue-ID: DCAEGEN2-1300 Change-Id: I9ce457b69e5866e77a465fb040d196b8905ca274 Signed-off-by: TamasBakai <tamas.bakai@est.tech>
author: TamasBakai <tamas.bakai@est.tech> 2019-04-10 10:02:21 +0000
committer: TamasBakai <tamas.bakai@est.tech> 2019-04-10 10:02:21 +0000
commit: 5983d76f162aef34740a05ae4e78c7d9e2b3c20a (patch)
tree: 8c06db1fc5317fbceebeb0178068a7fddc1f797f
parent: 814ddd12e695433b8c6a760cc9424dc1c0bae4d1 (diff)
12 files changed, 72 insertions, 22 deletions
diff --git a/datafile-app-server/config/cacerts b/datafile-app-server/config/cacerts
deleted file mode 100644
index 0cd28a92..00000000
--- a/datafile-app-server/config/cacerts
+++ /dev/null
diff --git a/datafile-app-server/config/dfc.jks.b64 b/datafile-app-server/config/dfc.jks.b64
new file mode 100644
index 00000000..51ef7157
--- /dev/null
+++ b/datafile-app-server/config/dfc.jks.b64
@@ -0,0 +1,38 @@
+/u3+7QAAAAIAAAABAAAAAQAJZGZjLWFsaWFzAAABaedrEsIAAAUDMIIE/zAOBgorBgEEASoCEQEB
+BQAEggTr39Fun17MOOGVKhhPeKYytr+zujW22QZYupkUVNYMy7FsPbKB2IkUuVl2V9Xdq2As29aO
+OP39WI2oLy9VU4rwfhl+3BSB33GIezCaDKrakc6tDbtKpiF8eZ7rbqrvGKNvzepNh72QSANxa6Us
+SY6KJcRk33VPok7G/c+FU5LH4un9D5xs7bEX2nCxzOzhaiodqZxWNJn6N3j89sD6Ofvq4h5lEhTJ
+uckdfCsYlIRk76l4M+a8gCEHEpWOBVGUsVJEvq9I0gk97+OBDFPnlCGC8ASwYSI7C7pOsiwCB8xr
+LdQsCCOpWIhh08CYVEFt8pTeD8GizBuLaO+mEQmrPgQMqwp7MB4fOTQHX63i6IY4iPTvjvBHjvvr
+QmyRoOOHLqTJ3onxXRkKIKGO6a0ruX6mh62RgAtcfB6TZxC0yMU9FnJOieU9/a8OXrXoqsA9u5kM
+Ri5KO+ad4w0FOeyP7Ya+s0ZrdNzFv+Ep7DoeL9gvs50Z4k0FMf854MwvwnK+BQ/qLdfIRCl5NvCq
+i1WDtVOPjahX0mzPQJclWARv9SFfiKmaQwW97P9t3UKgOCCrurA9uigZOqDax3sVmWOrE7kHVS0D
+P68gJResLR70mYi6ILfANdBJdM9cj48mX3Cvgs7hch2MSaFabUnH/G0MDZmp8XNF87N6eMJ5bkrU
+uiPNzvV3oh6W527kARH84TvYzH/c6+5dsQEpYTtEbLR+23xuNgB71aK4nrpQnaSeYlA2JW1uXg2A
+6Qi97Zfmbg2DD9ItUFJM27C+fUA5XbTCOILYwLPP9wEi6d+vo/xRuN+xBG1DNtV8mTROYki4LOWf
+4Djru2RQWSBrqspaMmWC+jh5uQyxxqVxxHzg+nyTFvedKaU7CdnKp/4wF29c17l876R+1ApIZA8C
+UN6NuElgMfH4l0TdwEXe4VO0rcSt9b+loSDu962BbDhG4qlky1hDdr3aYbKV6xrdlIS0GQzPeovX
+3WgtjE9pvtA0/U0LP8tjkjDkM8+oK4R5rmiZHxpRKmuIcC0EIeXvWKh8RxYg0B1d7tW4SWnOpsdH
+M84ym4A18EQ2Nch0aogmYodfsqhv4vX1llyoYJj3wdmP70vjOul2N4cs+ZyFnWZjMJ1JxjMoEJvU
+u0+p8GPAkzUhCoeocRibdt8P6cadpBubH2JOWbNpFVqtNQA2J9fRvAc/ZOU72AxTc85E4rsMJvxE
+qBXf6D+EvzpFQOchYVQH1bHMY8jFnXDLCMkVnuV4EizQMKQ3EQsFOo2bsV7Z+dNjAMZl8ODB2QOt
+ayX7IlNZs4F48SuSZ8IOk2zj3BysBlVAoIDncZ3knYZGyKpnj8NlogoAHSaYFLdSnSIJTY7qa/8/
+Cmv9CKk8tYk+3IJPDn+SsvAvtOLmBaCmTZ42P6OWsRBiEZucTENSXIo1oYxlQkm5Y+WWYVEnNK1r
+QrCOETVrIH1Y1XnhWRjOXhSnr46VOoVRefePzRL0a+6OkwUhmmvB48lcAw4XvnBrdA90tCpbSBsn
+ZV+/WVWQJovQGOk9WoSM96GcnmqxETI80Y5PgM+Ta1Fz0AQ3kRPlCdaBBgH5Gi8Vy2tXWhW8RNtZ
+ysq2vzv7edNSyLLLmf8cq3iYjzCThfXHbu5EeXnMna6YJ4z35si+zzYz4qb/Au5+09MaPWZn40m3
+hR+fQMdsyfnMH9MAAAABAAVYLjUwOQAAAxowggMWMIIB/gIJAKofXQItdxtQMA0GCSqGSIb3DQEB
+CwUAME0xCzAJBgNVBAYTAlNFMQowCAYDVQQIDAEwMQowCAYDVQQHDAEwMQowCAYDVQQKDAEwMQww
+CgYDVQQLDANFU1QxDDAKBgNVBAMMA0VTVDAeFw0xOTA0MDQwODAyNDBaFw0yMDA0MDMwODAyNDBa
+ME0xCzAJBgNVBAYTAlNFMQowCAYDVQQIDAEwMQowCAYDVQQHDAEwMQowCAYDVQQKDAEwMQwwCgYD
+VQQLDANFU1QxDDAKBgNVBAMMA0VTVDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMBj
+vAz2SF3s4hpmx9m/wTNZSctN6nNLHqGUC+NJtT9kGmr3hA4la3baFBBIcD5V2XzXzg+jI4pf6pF9
+sokK3ICtu/QOhaOW/XpY2z3fwD/RMYWH7rEDjrj8ZCY/8BcS4jS1JrYYSBeSFnS7Lo+Z2r7ywPph
+xHJUJ6otOrxupKphuk+sqdtmx3eXs/OlgJmBkt9agQ1Due5P4LuPikYac8qkafi5uKxxXedMjqfB
+TX0A17FOiKQgvW/XzP6Al29rxC0qKHl2337ZAm4nqU9zBNrvFWQya5XKvkVfAvXXIgiApG2SdY5t
+TsGNwqRA4bfGdZdlM3MtX+2HwYIJYm5EU9sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAZlrbePTi
++CFlj7/zUXJGyh4mzyj1oN4rkotP0lSlFpmW7gARdI0jegSF6dyhxzTsNOd1/HDt5IAudMP2JsZT
+GdHIS+C1bn3lqNvsDdO0QoawXNcW9qvL1F1WbpFEDgG3LxTItbvlmkCV9ze3AKaxHAqNKFd433Ri
+feyOlwRTzerx9kFTfkLGuCtbfiCmE+27NnuS8IkaOFgh8ixNxY5u8MZRE62VGFvzDa/UrgbdRx/A
+NMGLEr97rWYxRuGipXKgxiBK5TiJ1j6fgS+OzkjBqVczV1pRmYIYZmit4P/1pKkMR5RadDK+pgLR
+hjRUmQ575Yjolnavj0G1G2X+PFYNQjQTEe5O+fUWVi3/D8Pv8h1JUuzJ
diff --git a/datafile-app-server/config/ftp.jks.b64 b/datafile-app-server/config/ftp.jks.b64
new file mode 100644
index 00000000..59c651c2
--- /dev/null
+++ b/datafile-app-server/config/ftp.jks.b64
@@ -0,0 +1,15 @@
+/u3+7QAAAAIAAAABAAAAAgAEZnRwMQAAAWnnacXXAAVYLjUwOQAAAxowggMWMIIB/gIJANqIa95Y
+5eo2MA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAlNFMQowCAYDVQQIDAEwMQowCAYDVQQHDAEw
+MQowCAYDVQQKDAEwMQwwCgYDVQQLDANFU1QxDDAKBgNVBAMMA0VTVDAeFw0xOTA0MDQwODAyNDBa
+Fw0yMDA0MDMwODAyNDBaME0xCzAJBgNVBAYTAlNFMQowCAYDVQQIDAEwMQowCAYDVQQHDAEwMQow
+CAYDVQQKDAEwMQwwCgYDVQQLDANFU1QxDDAKBgNVBAMMA0VTVDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBANKwXuU3+Bel69CkaPxb/eDeH0BU4Tzdnj3IkB3IgcU9DPo8j5sq61h05EJR
+mTOyXZ96AvOReXgKahUiQlEEvVJmTNBcp75+N+5Gv09AoIKWn8sDXrVBqT72nPY5zWV8tuAR2/bZ
+EuOLdqQJCyjcb2+XH6ssc9GBt7DSKJNWIk+/cIfCJjz23VqLXj04TLCGOwkEmMGiPp+/F++/jpCY
+rsW5XlPPS9Mv94H9n0/uOb63AdHP0B7iz3tzpSFsUpp8cuvB0wr7LPup7nm2mC2EKCh515IHSBdY
+iJLtFjXx0Q0lQH8UC3rgt86IoGXRpRtxA6BSKeiuEI3yBw1Ofseuf7UCAwEAATANBgkqhkiG9w0B
+AQsFAAOCAQEApUYeRMt7lH98b8LumvGKScP5Bej1YAJxk1Uoy4qGknBCHWLBziHi2r2WP/+CLJGu
+37I9VAXylFOIh157AtXJ/k7W6DHNvrxS0fNUlYPqigWoabI8WSZY50u+2BtqwY9m87rLwdkDeTEq
+A41thwvSx21Famnlv4pMTK83/nSMC2+QH/CVp556aB1F2xJVmqDWnx1R8XqPcCXOy59/tjMRkRk+
+gkph1vW+KS+PbX4t3NMNKPlZGeg9ZdCF1NOo3n9M0xlEcmn9RljqFWZAv4gupVgaI4+i1/EY1TKj
+5awonBl9merhp2EHN1IgiwMJkHfg2PP+qMheHfTv+x41ZaE0XIOl7YMTJ/iF3cyG/jWBQMzjwiGG
diff --git a/datafile-app-server/config/ftpKey.jks b/datafile-app-server/config/ftpKey.jks
deleted file mode 100644
index 2587b719..00000000
--- a/datafile-app-server/config/ftpKey.jks
+++ /dev/null
diff --git a/datafile-app-server/config/keystore b/datafile-app-server/config/keystore
deleted file mode 100644
index 26a16f75..00000000
--- a/datafile-app-server/config/keystore
+++ /dev/null
diff --git a/datafile-app-server/dpo/blueprints/k8s-datafile.yaml b/datafile-app-server/dpo/blueprints/k8s-datafile.yaml
index 015d1805..e345cf8e 100644
--- a/datafile-app-server/dpo/blueprints/k8s-datafile.yaml
+++ b/datafile-app-server/dpo/blueprints/k8s-datafile.yaml
@@ -98,9 +98,9 @@ node_templates:
               - concat: ["8433:", { get_input: host_port_secure}]
     properties:
       application_config:
-        dmaap.ftp.ftpesConfiguration.keyCert: "/config/ftpKey.jks"
+        dmaap.ftp.ftpesConfiguration.keyCert: "/config/dfc.jks"
         dmaap.ftp.ftpesConfiguration.keyPassword: "secret"
-        dmaap.ftp.ftpesConfiguration.trustedCA: "/config/cacerts"
+        dmaap.ftp.ftpesConfiguration.trustedCA: "/config/ftp.jks"
         dmaap.ftp.ftpesConfiguration.trustedCAPassword: "secret"
         dmaap.security.trustStorePath: "/opt/app/datafile/etc/cert/trust.jks"
         dmaap.security.trustStorePasswordPath: "/opt/app/datafile/etc/cert/trust.pass"
diff --git a/datafile-app-server/src/main/docker/Dockerfile b/datafile-app-server/src/main/docker/Dockerfile
index 6ab30cc2..f39f1cb5 100644
--- a/datafile-app-server/src/main/docker/Dockerfile
+++ b/datafile-app-server/src/main/docker/Dockerfile
@@ -25,16 +25,18 @@ RUN mkdir -p /var/log/ONAP
 ADD /target/datafile-app-server.jar /opt/app/datafile/
 
 ADD /config/application.yaml /opt/app/datafile/config/
-ADD /config/cacerts /opt/app/datafile/config/
+ADD /config/dfc.jks.b64 /opt/app/datafile/config/
 ADD /config/datafile_endpoints.json /opt/app/datafile/config/
-ADD /config/ftpKey.jks /opt/app/datafile/config/
-ADD /config/keystore /opt/app/datafile/config/
+ADD /config/ftp.jks.b64 /opt/app/datafile/config/
 
 EXPOSE 8100 8433
 
 RUN addgroup -S onap && adduser -S datafile -G onap
 RUN chown -R datafile:onap /opt/app/datafile
 RUN chown -R datafile:onap /var/log/ONAP
+RUN base64 -d /opt/app/datafile/config/dfc.jks.b64 > /opt/app/datafile/config/dfc.jks && base64 -d /opt/app/datafile/config/ftp.jks.b64 > /opt/app/datafile/config/ftp.jks 
+RUN chown -R root:root /opt/app/datafile/config/*
+RUN chmod -R 755 /opt/app/datafile/config/
 
 USER datafile
 
diff --git a/datafile-app-server/src/main/resources/datafile_endpoints.json b/datafile-app-server/src/main/resources/datafile_endpoints.json
index 0cf41887..d864c11d 100644
--- a/datafile-app-server/src/main/resources/datafile_endpoints.json
+++ b/datafile-app-server/src/main/resources/datafile_endpoints.json
@@ -26,9 +26,9 @@
         },
         "ftp": {
             "ftpesConfiguration": {
-                "keyCert": "config/ftpKey.jks",
+                "keyCert": "config/dfc.jks",
                 "keyPassword": "secret",
-                "trustedCA": "config/cacerts",
+                "trustedCA": "config/ftp.jks",
                 "trustedCAPassword": "secret"
             }
         }
diff --git a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java
index 2c136304..1847e3b8 100644
--- a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java
+++ b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java
@@ -24,17 +24,14 @@ import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
-
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
 import com.google.gson.JsonParser;
-
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.nio.charset.StandardCharsets;
 import java.util.Objects;
-
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -186,9 +183,9 @@ class AppConfigTest {
         dmaapConfigs.add("dmaapProducerConfiguration", dmaapProducerConfigData);
 
         JsonObject ftpesConfigData = new JsonObject();
-        ftpesConfigData.addProperty("keyCert", "config/ftpKey.jks");
+        ftpesConfigData.addProperty("keyCert", "config/dfc.jks");
         ftpesConfigData.addProperty("keyPassword", "secret");
-        ftpesConfigData.addProperty("trustedCA", "config/cacerts");
+        ftpesConfigData.addProperty("trustedCA", "config/ftp.jks");
         ftpesConfigData.addProperty("trustedCAPassword", "secret");
 
         JsonObject security = new JsonObject();
diff --git a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java
index b67fac23..1adb3709 100644
--- a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java
+++ b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java
@@ -17,9 +17,7 @@
 package org.onap.dcaegen2.collectors.datafile.configuration;
 
 import static org.assertj.core.api.Assertions.assertThat;
-
 import com.google.gson.JsonObject;
-
 import org.junit.jupiter.api.Test;
 import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.config.DmaapConsumerConfiguration;
 import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.config.DmaapPublisherConfiguration;
@@ -66,9 +64,9 @@ class CloudConfigParserTest {
 
     private static final ImmutableFtpesConfig CORRECT_FTPES_CONFIGURATION = //
             new ImmutableFtpesConfig.Builder() //
-                    .keyCert("/config/ftpKey.jks") //
+                    .keyCert("/config/dfc.jks") //
                     .keyPassword("secret") //
-                    .trustedCA("config/cacerts") //
+                    .trustedCA("config/ftp.jks") //
                     .trustedCAPassword("secret") //
                     .build();
 
@@ -119,9 +117,9 @@ class CloudConfigParserTest {
         config.addProperty("dmaap.dmaapProducerConfiguration.dmaapPortNumber", 3907);
         config.addProperty("dmaap.dmaapProducerConfiguration.dmaapUserName", "dradmin");
         config.addProperty("dmaap.dmaapProducerConfiguration.dmaapUserPassword", "dradmin");
-        config.addProperty("dmaap.ftpesConfig.keyCert", "/config/ftpKey.jks");
+        config.addProperty("dmaap.ftpesConfig.keyCert", "/config/dfc.jks");
         config.addProperty("dmaap.ftpesConfig.keyPassword", "secret");
-        config.addProperty("dmaap.ftpesConfig.trustedCA", "config/cacerts");
+        config.addProperty("dmaap.ftpesConfig.trustedCA", "config/ftp.jks");
         config.addProperty("dmaap.ftpesConfig.trustedCAPassword", "secret");
 
         config.addProperty("dmaap.security.trustStorePath", "trustStorePath");
diff --git a/datafile-app-server/src/test/resources/datafile_endpoints.json b/datafile-app-server/src/test/resources/datafile_endpoints.json
index a9545f40..8cf3224a 100644
--- a/datafile-app-server/src/test/resources/datafile_endpoints.json
+++ b/datafile-app-server/src/test/resources/datafile_endpoints.json
@@ -26,9 +26,9 @@
         },
         "ftp": {
             "ftpesConfiguration": {
-                "keyCert": "/config/ftpKey.jks",
+                "keyCert": "/config/dfc.jks",
                 "keyPassword": "secret",
-                "trustedCA": "/config/ftpKey.jks",
+                "trustedCA": "/config/ftp.jks",
                 "trustedCAPassword": "secret"
             }
         },
diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml
index 481072f1..010e7468 100644
--- a/docker-compose/docker-compose.yml
+++ b/docker-compose/docker-compose.yml
@@ -21,9 +21,9 @@ services:
       --dmaap.dmaapProducerConfiguration.dmaapUserName=dradmin
       --dmaap.dmaapProducerConfiguration.dmaapUserPassword=dradmin
       --dmaap.dmaapProducerConfiguration.dmaapContentType=application/octet-stream
-      --dmaap.ftpesConfig.keyCert=config/ftpKey.jks
+      --dmaap.ftpesConfig.keyCert=config/dfc.jks
       --dmaap.ftpesConfig.keyPassword=secret
-      --dmaap.ftpesConfig.trustedCA=config/cacerts
+      --dmaap.ftpesConfig.trustedCA=config/ftp.jks
       --dmaap.ftpesConfig.trustedCAPassword=secret
     entrypoint:
     - java
author	TamasBakai <tamas.bakai@est.tech>	2019-04-10 10:02:21 +0000
committer	TamasBakai <tamas.bakai@est.tech>	2019-04-10 10:02:21 +0000
commit	5983d76f162aef34740a05ae4e78c7d9e2b3c20a (patch)
tree	8c06db1fc5317fbceebeb0178068a7fddc1f797f
parent	814ddd12e695433b8c6a760cc9424dc1c0bae4d1 (diff)