From 55b339f77d4944b17a4eeefb8ade6ff5f05a422d Mon Sep 17 00:00:00 2001
From: Matthieu Geerebaert <matthieu.geerebaert@orange.com>
Date: Fri, 10 Jan 2020 16:05:10 +0100
Subject: Add support for HTTPS with self signed certificates

Dual port 8080 & 8443

Change-Id: I4acda5a1064a62d663243be810b1e3d3e458e742
Issue-ID: EXTAPI-255
Signed-off-by: MatthieuGeerebaert <matthieu.geerebaert@orange.com>
---
 .../nbi/configuration/HttpAndHttpsContainer.java   |  47 +++++++++++++++++++++
 src/main/resources/application-ssl.properties      |  24 +++++++++++
 src/main/resources/application.properties          |   8 ++--
 src/main/resources/keystore/nbi.onap.p12           | Bin 0 -> 2651 bytes
 4 files changed, 75 insertions(+), 4 deletions(-)
 create mode 100644 src/main/java/org/onap/nbi/configuration/HttpAndHttpsContainer.java
 create mode 100644 src/main/resources/application-ssl.properties
 create mode 100644 src/main/resources/keystore/nbi.onap.p12

(limited to 'src/main')

diff --git a/src/main/java/org/onap/nbi/configuration/HttpAndHttpsContainer.java b/src/main/java/org/onap/nbi/configuration/HttpAndHttpsContainer.java
new file mode 100644
index 0000000..f63728f
--- /dev/null
+++ b/src/main/java/org/onap/nbi/configuration/HttpAndHttpsContainer.java
@@ -0,0 +1,47 @@
+/**
+ *     Copyright (c) 2020 Orange
+ *
+ *     Licensed under the Apache License, Version 2.0 (the "License");
+ *     you may not use this file except in compliance with the License.
+ *     You may obtain a copy of the License at
+ *
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *     Unless required by applicable law or agreed to in writing, software
+ *     distributed under the License is distributed on an "AS IS" BASIS,
+ *     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *     See the License for the specific language governing permissions and
+ *     limitations under the License.
+ */
+
+package org.onap.nbi.configuration;
+
+import org.apache.catalina.connector.Connector;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
+import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+
+@Component
+@Profile("ssl")
+public class HttpAndHttpsContainer {
+
+    @Value("${http.port}")
+    private int httpPort;
+
+    @Bean
+    public ServletWebServerFactory servletContainer() {
+        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
+        tomcat.addAdditionalTomcatConnectors(createStandardConnector());
+        return tomcat;
+    }
+
+    private Connector createStandardConnector() {
+        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
+        connector.setPort(httpPort);
+        return connector;
+    }
+
+}
diff --git a/src/main/resources/application-ssl.properties b/src/main/resources/application-ssl.properties
new file mode 100644
index 0000000..994083a
--- /dev/null
+++ b/src/main/resources/application-ssl.properties
@@ -0,0 +1,24 @@
+#
+#     Copyright (c) 2018 Orange
+#
+#     Licensed under the Apache License, Version 2.0 (the "License");
+#     you may not use this file except in compliance with the License.
+#     You may obtain a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#     Unless required by applicable law or agreed to in writing, software
+#     distributed under the License is distributed on an "AS IS" BASIS,
+#     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#     See the License for the specific language governing permissions and
+#     limitations under the License.
+#
+
+http.port=8080
+
+# tls/ssl
+server.port=8443
+server.ssl.key-store=classpath:keystore/nbi.onap.p12
+server.ssl.key-store-type=PKCS12
+server.ssl.key-store-password=externalapi
+server.ssl.key-alias=nbi.onap
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index fe0b9d1..b146afd 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -24,8 +24,8 @@ nbi.version                          = v4
 
 # SERVER
 server.servlet.context-path          = /nbi/api/${nbi.version}
-server.port                          = 8080
 server.public.ip                     = localhost
+server.port                          = 8080
 
 # LOGGING
 logging.level.                       = WARN
@@ -40,8 +40,8 @@ onap.tenantId                        = 6e97a2bd51d74f6db5671d8dc1517d82
 onap.cloudOwner                      = CloudOwner
 
 # NBI
-nbi.url                              = http://localhost:${server.port}${server.servlet.context-path}
-nbi.public.url                       = http://${server.public.ip}:${server.port}${server.servlet.context-path}
+nbi.url                              = https://localhost:${server.port}${server.servlet.context-path}
+nbi.public.url                       = https://${server.public.ip}:${server.port}${server.servlet.context-path}
 nbi.callForVNF                       = false
 
 # SCHEDULER
@@ -109,4 +109,4 @@ spring.datasource.validationQuery    = SELECT 1
 spring.datasource.driver-class-name  = org.mariadb.jdbc.Driver
 spring.jpa.show-sql                  = false
 spring.jpa.hibernate.ddl-auto        = update
-spring.jpa.hibernate.naming-strategy = org.hibernate.cfg.ImprovedNamingStrategy
\ No newline at end of file
+spring.jpa.hibernate.naming-strategy = org.hibernate.cfg.ImprovedNamingStrategy
diff --git a/src/main/resources/keystore/nbi.onap.p12 b/src/main/resources/keystore/nbi.onap.p12
new file mode 100644
index 0000000..6083f1d
Binary files /dev/null and b/src/main/resources/keystore/nbi.onap.p12 differ
-- 
cgit 1.2.3-korg