diff options
author | Piotr Jaszczyk <piotr.jaszczyk@nokia.com> | 2018-09-21 11:31:59 +0200 |
---|---|---|
committer | Piotr Jaszczyk <piotr.jaszczyk@nokia.com> | 2018-09-25 08:40:25 +0200 |
commit | e4bd899f657daa88274f1419314f43953a6bc1ef (patch) | |
tree | 387b84c7f7e922a304acd960068b82eefdd53e3b /test/csit/tests/dcaegen2-collectors-hv-ves | |
parent | b4c9fdb2aca5d283e16354c488460252c68c7d67 (diff) |
Use PKCS12 key and trust store in HV-VES Collector
Usage of keystore and truststore allows us to use JDK security
framework instead of openssl JNI bindings which are sometimes
problematic.
* Replace openssl with keytool when generating the scripts
Change-Id: Icaa21cd1db443b1dd8fe7e7c0523123df5ea2545
Issue-ID: DCAEGEN2-816
Signed-off-by: Piotr Jaszczyk <piotr.jaszczyk@nokia.com>
Diffstat (limited to 'test/csit/tests/dcaegen2-collectors-hv-ves')
-rw-r--r-- | test/csit/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/test/csit/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py b/test/csit/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py index 26d5a91c2..f6a978754 100644 --- a/test/csit/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py +++ b/test/csit/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py @@ -6,7 +6,7 @@ from time import sleep XNF_SIMULATOR_NAME = "xNF Simulator" SIMULATOR_IMAGE_NAME = "onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-xnf-simulator" -SIMULATOR_IMAGE_FULL_NAME = os.getenv("DOCKER_REGISTRY") + "/" + SIMULATOR_IMAGE_NAME + ":latest" +SIMULATOR_IMAGE_FULL_NAME = os.getenv("DOCKER_REGISTRY_PREFIX") + SIMULATOR_IMAGE_NAME + ":latest" WORKSPACE_ENV = os.getenv("WORKSPACE") certificates_dir_path = WORKSPACE_ENV + "/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/" collector_certs_lookup_dir = "/etc/ves-hv/" @@ -128,11 +128,11 @@ class XnfSimulator: should_disable_ssl, should_connect_to_unencrypted_hv_ves): self.port = port - cert_name_prefix = "" if should_use_valid_certs else "invalid_" + cert_name_prefix = "" if should_use_valid_certs else "untrusted" certificates_path_with_file_prefix = collector_certs_lookup_dir + cert_name_prefix - self.cert_path = certificates_path_with_file_prefix + "client.crt" - self.key_path = certificates_path_with_file_prefix + "client.key" - self.trust_cert_path = certificates_path_with_file_prefix + "trust.crt" + self.key_store_path = certificates_path_with_file_prefix + "client.p12" + self.trust_store_path = certificates_path_with_file_prefix + "trust.p12" + self.sec_store_passwd = "onaponap" self.disable_ssl = should_disable_ssl self.hv_collector_host = "unencrypted-ves-hv-collector" \ if should_connect_to_unencrypted_hv_ves else "ves-hv-collector" @@ -141,10 +141,12 @@ class XnfSimulator: startup_command = ["--listen-port", self.port, "--ves-host", self.hv_collector_host, "--ves-port", "6061", - "--cert-file", self.cert_path, - "--private-key-file", self.key_path, - "--trust-cert-file", self.trust_cert_path] - if (self.disable_ssl): + "--key-store", self.key_store_path, + "--trust-store", self.trust_store_path, + "--key-store-password", self.sec_store_passwd, + "--trust-store-password", self.sec_store_passwd + ] + if self.disable_ssl: startup_command.append("--ssl-disable") return startup_command |