Use PKCS12 key and trust store in HV-VES Collector

Usage of keystore and truststore allows us to use JDK security
framework instead of openssl JNI bindings which are sometimes
problematic.

* Replace openssl with keytool when generating the scripts

Change-Id: Icaa21cd1db443b1dd8fe7e7c0523123df5ea2545
Issue-ID: DCAEGEN2-816
Signed-off-by: Piotr Jaszczyk <piotr.jaszczyk@nokia.com>

1 files changed, 37 insertions, 1 deletions

diff --git a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md
index 174c16641..c2819d249 100644
--- a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md
+++ b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md
@@ -1,5 +1,23 @@
 # Generating SSL certificates
 
+## Java keytool way (recommended)
+
+To generate:
+
+```shell
+./gen-certs.sh
+```
+
+To clean (remove generated files):
+
+```shell
+./gen-certs.sh clean
+```
+
+## OpenSSL way (currently might not work)
+
+> Add `-f Makefile-openssl` to each command
+
 Typical usage:
 
 ```shell
@@ -7,12 +25,30 @@ make FILE=client
 make FILE=server
 ```
 
+or (to generate PKCS12 key and trust stores):
+
+```shell
+make create-key-store FILE=client
+make create-key-store FILE=server
+make create-trust-store
+```
+
 Will generate CA certificate and signed client and server certificates.
 
 More "low-level" usage:
 
 ```shell
 make generate-ca-certificate
-make generate-private-key FILE=client
+make generate-private-key FILE=client 
 make sign FILE=client
 ```
+
+# Connecting to a server
+
+First generate *client* and *server* certificates. Then start a server with it's cert and make ca.crt a trusted certification authority.
+
+After that you can:
+
+```shell
+./connect.sh client localhost:8600 < file_with_a_data_to_be_sent.dat
+```