5 files changed, 29 insertions, 8 deletions
diff --git a/development/configuration/base.json b/development/configuration/base.json
index 1b723b72..9bf9194b 100644
--- a/development/configuration/base.json
+++ b/development/configuration/base.json
@@ -5,7 +5,7 @@
   "cbs.firstRequestDelaySec": 10,
   "cbs.requestIntervalSec": 5,
   "security.keys.keyStoreFile": "/etc/ves-hv/ssl/server.p12",
-  "security.keys.keyStorePassword": "onaponap",
+  "security.keys.keyStorePasswordFile": "/etc/ves-hv/ssl/server.pass",
   "security.keys.trustStoreFile": "/etc/ves-hv/ssl/trust.p12",
-  "security.keys.trustStorePassword": "onaponap"
+  "security.keys.trustStorePasswordFile": "/etc/ves-hv/ssl/trust.pass"
 }
 \ No newline at end of file
diff --git a/development/configuration/local.json b/development/configuration/local.json
index ebf2f82e..cfaaaa40 100644
--- a/development/configuration/local.json
+++ b/development/configuration/local.json
@@ -5,7 +5,7 @@
   "cbs.firstRequestDelaySec": 10,
   "cbs.requestIntervalSec": 5,
   "security.keys.keyStoreFile": "development/ssl/server.p12",
-  "security.keys.keyStorePassword": "onaponap",
+  "security.keys.keyStorePasswordFile": "development/ssl/server.pass",
   "security.keys.trustStoreFile": "development/ssl/trust.p12",
-  "security.keys.trustStorePassword": "onaponap"
+  "security.keys.trustStorePasswordFile": "development/ssl/server.pass"
 }
diff --git a/development/docker-compose.yml b/development/docker-compose.yml
index d135e8b4..9272c618 100644
--- a/development/docker-compose.yml
+++ b/development/docker-compose.yml
@@ -110,8 +110,9 @@ services:
               "--ves-host", "ves-hv-collector",
               "--ves-port", "6061",
               "--key-store", "/etc/ves-hv/client.p12",
-              "--key-store-password", "onaponap",
-              "--trust-store-password", "onaponap"]
+              "--key-store-password-file", "/etc/ves-hv/client.pass",
+              "--trust-store", "/etc/ves-hv/trust.p12",
+              "--trust-store-password-file", "/etc/ves-hv/trust.pass"]
     healthcheck:
       test: curl -f http://localhost:6063/health/ready || exit 1
       interval: 10s
diff --git a/development/ssl/.gitignore b/development/ssl/.gitignore
index 23888eb0..955c17d1 100644
--- a/development/ssl/.gitignore
+++ b/development/ssl/.gitignore
@@ -4,4 +4,4 @@
 *.csr
 *.pkcs12
 *.p12
-
+*.pass
diff --git a/development/ssl/gen-certs.sh b/development/ssl/gen-certs.sh
index b4f78227..bf28ca02 100755
--- a/development/ssl/gen-certs.sh
+++ b/development/ssl/gen-certs.sh
@@ -1,4 +1,21 @@
 #!/usr/bin/env bash
+# ============LICENSE_START=======================================================
+# csit-dcaegen2-collectors-hv-ves
+# ================================================================================
+# Copyright (C) 2018-2019 NOKIA
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
 
 set -eu -o pipefail -o xtrace
 
@@ -24,6 +41,8 @@ function gen_key() {
   keytool -certreq -alias ${key_name} -keyalg RSA ${keystore} | \
       keytool -alias ${ca} -gencert -ext "san=dns:${CN_PREFIX}-${ca}" ${store_opts} -keystore ${ca}.p12 | \
       keytool -alias ${key_name} -importcert ${keystore}
+
+  printf ${STORE_PASS} > ${key_name}.pass
 }
 
 
@@ -36,10 +55,11 @@ function gen_ca() {
 function gen_truststore() {
   local trusted_ca="$1"
   keytool -import -trustcacerts -alias ca -file ${trusted_ca}.crt ${store_opts} -keystore ${TRUST}.p12
+  printf ${STORE_PASS} > ${TRUST}.pass
 }
 
 function clean() {
-  rm -f *.crt *.p12
+  rm -f *.crt *.p12 *.pass
 }
 
 if [[ $# -eq 0 ]]; then