Merge "[DMAAP-DR] Refactoring ssl csit suite"

18 files changed, 338 insertions, 269 deletions

diff --git a/plans/dmaap-datarouter/ssl-dr-suite/setup.sh b/plans/dmaap-datarouter/ssl-dr-suite/setup.sh
index e1f2cb46..53b4387c 100755
--- a/plans/dmaap-datarouter/ssl-dr-suite/setup.sh
+++ b/plans/dmaap-datarouter/ssl-dr-suite/setup.sh
@@ -1,8 +1,7 @@
 #!/bin/bash
-#
-# ============LICENSE_START=======================================================
-#  Copyright (C) 2019 Nordix Foundation.
-# ================================================================================
+# ============LICENSE_START===================================================
+#  Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -16,83 +15,11 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-#
-
-
-source ${SCRIPTS}/common_functions.sh
-
-# Clone DMaaP Data Router repo
-mkdir -p $WORKSPACE/archives/dmaapdr
-cd $WORKSPACE/archives/dmaapdr
-
-git clone --depth 1 https://gerrit.onap.org/r/dmaap/datarouter -b master
-cd datarouter
-git pull
-cd $WORKSPACE/archives/dmaapdr/datarouter/datarouter-docker-compose/src/main/resources
-cp $WORKSPACE/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml .
-cp $WORKSPACE/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties ./prov_data/provserver.properties
-cp $WORKSPACE/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties ./node_data/node.properties
-
-# start DMaaP DR containers with docker compose and configuration from docker-compose.yml
-docker login -u docker -p docker nexus3.onap.org:10001
-docker-compose up -d
-
-# Wait for initialization of Docker container for datarouter-node, datarouter-prov and mariadb
-for i in {1..10}; do
-    if [ $(docker inspect --format '{{ .State.Running }}' subscriber-node2) ] && \
-        [ $(docker inspect --format '{{ .State.Running }}' subscriber-node) ] && \
-        [ $(docker inspect --format '{{ .State.Running }}' datarouter-node) ] && \
-        [ $(docker inspect --format '{{ .State.Running }}' datarouter-prov) ] && \
-        [ $(docker inspect --format '{{ .State.Running }}' mariadb) ]
-    then
-        echo "DR Service Running"
-        break
-    else
-        echo sleep $i
-        sleep $i
-    fi
-done
-
-# Wait for healthy container datarouter-prov
-for i in {1..10}; do
-    if [ "$(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)" = 'healthy' ]
-    then
-        echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)
-        echo "DR Service Running, datarouter-prov container is healthy"
-        break
-    else
-        echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)
-        echo sleep $i
-        sleep $i
-        if [ $i = 10 ]
-        then
-            echo datarouter-prov container is not in healthy state - the test is not made, teardown...
-            cd $WORKSPACE/archives/dmaapdr/datarouter/datarouter-docker-compose/src/main/resources
-            docker-compose rm -sf
-            exit 1
-        fi
-    fi
-done
-
-DR_PROV_IP=`get-instance-ip.sh datarouter-prov`
-DR_NODE_IP=`get-instance-ip.sh datarouter-node`
-DR_SUB_IP=`get-instance-ip.sh subscriber-node`
-DR_SUB2_IP=`get-instance-ip.sh subscriber-node2`
-DR_GATEWAY_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' datarouter-prov)
-
-echo DR_PROV_IP=${DR_PROV_IP}
-echo DR_NODE_IP=${DR_NODE_IP}
-echo DR_SUB_IP=${DR_SUB_IP}
-echo DR_SUB2_IP=${DR_SUB2_IP}
-echo DR_GATEWAY_IP=${DR_GATEWAY_IP}
-
-sudo sed -i "$ a $DR_PROV_IP dmaap-dr-prov" /etc/hosts
-sudo sed -i "$ a $DR_NODE_IP dmaap-dr-node" /etc/hosts
-
-python $WORKSPACE/scripts/dmaap-datarouter/update_ca.py
-
-docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP"
-
-#Pass any variables required by Robot test suites in ROBOT_VARIABLES
-ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DR_NODE_IP:${DR_NODE_IP} -v DR_SUB_IP:${DR_SUB_IP} -v DR_SUB2_IP:${DR_SUB2_IP}"
\ No newline at end of file
+# ============LICENSE_END=====================================================
+
+source ${WORKSPACE}/scripts/dmaap-datarouter/datarouter-launch.sh
+# Launch DR. If true is passed, 2 subscriber containers are also deployed, else false.
+dmaap_dr_launch true
+cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl
+# Add the root CA to robot framework. This is then removed on teardown.
+python -c 'import update_ca; update_ca.add_onap_ca_cert()'
\ No newline at end of file
diff --git a/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh b/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh
index d8ec4dc9..7ffd1fe2 100755
--- a/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh
+++ b/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh
@@ -1,8 +1,7 @@
 #!/bin/bash
-#
-# ============LICENSE_START=======================================================
-#  Copyright (C) 2019 Nordix Foundation.
-# ================================================================================
+# ============LICENSE_START===================================================
+#  Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -16,11 +15,18 @@
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-#
+# ============LICENSE_END=====================================================
 
-cd $WORKSPACE/archives/dmaapdr/datarouter/datarouter-docker-compose/src/main/resources
+cd ${WORKSPACE}/archives/dmaap/dr
+rm -rf last_run_logs/*
+docker cp datarouter-prov:/opt/app/datartr/logs last_run_logs/prov_logs
+docker cp datarouter-node:/opt/app/datartr/logs last_run_logs/node_event_logs
+docker cp datarouter-node:/var/log/onap/datarouter last_run_logs/node_server_logs
+docker cp subscriber-node:/var/log/onap/datarouter last_run_logs/sub1_logs
+docker cp subscriber-node2:/var/log/onap/datarouter last_run_logs/sub2_logs
+cd ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose
 sudo sed -i".bak" '/dmaap-dr-prov/d' /etc/hosts
 sudo sed -i".bak" '/dmaap-dr-node/d' /etc/hosts
 docker-compose rm -sf
-python $WORKSPACE/scripts/dmaap-datarouter/remove_cert_from_ca.py
+cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl
+python -c 'import update_ca; update_ca.remove_onap_ca_cert()'
diff --git a/scripts/dmaap-datarouter/datarouter-launch.sh b/scripts/dmaap-datarouter/datarouter-launch.sh
new file mode 100644
index 00000000..0339e389
--- /dev/null
+++ b/scripts/dmaap-datarouter/datarouter-launch.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+#
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2021 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+
+function dmaap_dr_launch() {
+
+    subscribers_required=$1
+    mkdir -p ${WORKSPACE}/archives/dmaap/dr/last_run_logs
+    cd ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose
+
+    # start DMaaP DR containers with docker compose and configuration from docker-compose.yml
+    docker login -u docker -p docker nexus3.onap.org:10001
+    if [[ ${subscribers_required} == true ]]; then
+		docker-compose up -d
+    else
+        docker-compose up -d datarouter-prov datarouter-node mariadb
+	fi
+
+    # Wait for initialization of Docker container for datarouter-node, datarouter-prov and mariadb
+    for i in 1 2 3 4 5 6 7 8 9 10; do
+        if [[ $(docker inspect --format '{{ .State.Running }}' datarouter-node) ]] && \
+            [[ $(docker inspect --format '{{ .State.Running }}' datarouter-prov) ]] && \
+            [[ $(docker inspect --format '{{ .State.Running }}' mariadb) ]]
+        then
+            echo "DR Service Running"
+            break
+        else
+            echo sleep ${i}
+            sleep ${i}
+        fi
+    done
+
+    # Wait for healthy container datarouter-prov
+    for i in 1 2 3 4 5 6 7 8 9 10; do
+        if [[ "$(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)" = 'healthy' ]]
+        then
+            echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)
+            echo "DR Service Running, datarouter-prov container is healthy"
+            break
+        else
+            echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)
+            echo sleep ${i}
+            sleep ${i}
+            if [[ ${i} = 10 ]]
+            then
+                echo datarouter-prov container is not in healthy state - the test is not made, teardown...
+                docker-compose rm -sf
+                exit 1
+            fi
+        fi
+    done
+
+    DR_PROV_IP=`get-instance-ip.sh datarouter-prov`
+    DR_NODE_IP=`get-instance-ip.sh datarouter-node`
+    DR_GATEWAY_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' datarouter-prov)
+    echo DR_PROV_IP=${DR_PROV_IP}
+    echo DR_NODE_IP=${DR_NODE_IP}
+    echo DR_GATEWAY_IP=${DR_GATEWAY_IP}
+    if [[ ${subscribers_required} == true ]]
+	then
+		DR_SUB_IP=`get-instance-ip.sh subscriber-node`
+        DR_SUB2_IP=`get-instance-ip.sh subscriber-node2`
+        echo DR_SUB_IP=${DR_SUB_IP}
+        echo DR_SUB2_IP=${DR_SUB2_IP}
+	fi
+
+
+    sudo sed -i "$ a $DR_PROV_IP dmaap-dr-prov" /etc/hosts
+    sudo sed -i "$ a $DR_NODE_IP dmaap-dr-node" /etc/hosts
+
+    docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP"
+
+    #Pass any variables required by Robot test suites in ROBOT_VARIABLES
+    ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DR_NODE_IP:${DR_NODE_IP} -v DR_SUB_IP:${DR_SUB_IP} -v DR_SUB2_IP:${DR_SUB2_IP}"
+}
\ No newline at end of file
diff --git a/scripts/dmaap-datarouter/datarouterCA.crt b/scripts/dmaap-datarouter/datarouterCA.crt
deleted file mode 100644
index a8a0ed84..00000000
--- a/scripts/dmaap-datarouter/datarouterCA.crt
+++ /dev/null
@@ -1,39 +0,0 @@
-
-# Issuer: C=US,O=ONAP,OU=OSAAF
-# Subject: C=US,O=ONAP,OU=OSAAF
-# Label: ""
-# Serial: 0x9EAEEDC0A7CEB59D
-# MD5 Fingerprint: 77:EB:5E:94:2E:B7:A3:45:97:6C:87:FE:A7:F7:64:0F
-# SHA1 Fingerprint: 90:25:D1:D3:8B:3C:BE:2C:73:E9:6C:1A:48:5B:06:A8:39:0D:54:3B
-# SHA256 Fingerprint: 1F:C2:BB:F6:7E:11:6F:F0:4C:C3:D9:6C:73:E5:99:B7:CA:7D:4D:EF:AA:6C:69:46:0D:2C:7B:A9:E4:23:5F:EA
------BEGIN CERTIFICATE-----
-MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
-BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
-NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
-DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
-ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
-XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
-H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
-pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
-NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
-2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
-wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
-ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
-P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
-aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
-PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
-A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
-UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
-BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
-L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
-7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
-c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
-jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
-RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
-PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
-CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
-Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
-cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
-ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
-dYY=
------END CERTIFICATE-----
\ No newline at end of file
diff --git a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml b/scripts/dmaap-datarouter/docker-compose/docker-compose.yml
index ed8a7c04..377e5514 100644
--- a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml
+++ b/scripts/dmaap-datarouter/docker-compose/docker-compose.yml
@@ -1,6 +1,6 @@
 #
 # ============LICENSE_START=======================================================
-#  Copyright (C) 2019 Nordix Foundation.
+#  Copyright (C) 2019-21 Nordix Foundation.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -29,11 +29,12 @@ services:
     - "8443:8443"
     - "8080:8080"
     volumes:
-    - ./prov_data/provserver.properties:/opt/app/datartr/etc/provserver.properties
-    - ./prov_data/addSubscriber.txt:/opt/app/datartr/addSubscriber.txt
-    - ./prov_data/addFeed3.txt:/opt/app/datartr/addFeed3.txt
+    - ./provserver.properties:/opt/app/datartr/etc/provserver.properties
+    - ../dr_certs/dr_prov/truststore.jks:/opt/app/osaaf/local/truststore.jks
+    - ../dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12
+    - ../dr_certs/dr_prov/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props
     depends_on:
-      mariadb_container:
+      mariadb:
         condition: service_healthy
     healthcheck:
       test: ["CMD", "curl", "-f", "http://dmaap-dr-prov:8080/internal/prov"]
@@ -53,7 +54,10 @@ services:
     - "9443:8443"
     - "9090:8080"
     volumes:
-    - ./node_data/node.properties:/opt/app/datartr/etc/node.properties
+    - ./node.properties:/opt/app/datartr/etc/node.properties
+    - ../dr_certs/dr_node/truststore.jks:/opt/app/osaaf/local/truststore.jks
+    - ../dr_certs/dr_node/org.onap.dmaap-dr-node.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12
+    - ../dr_certs/dr_node/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props
     depends_on:
       datarouter-prov:
         condition: service_healthy
@@ -69,7 +73,7 @@ services:
     ports:
     - "7070:7070"
     volumes:
-    - ./subscriber_data/subscriber.properties:/opt/app/subscriber/etc/subscriber.properties
+    - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties
     networks:
       testing_net:
         aliases:
@@ -82,13 +86,13 @@ services:
     ports:
     - "7071:7070"
     volumes:
-    - ./subscriber_data/subscriber.properties:/opt/app/subscriber/etc/subscriber.properties
+    - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties
     networks:
       testing_net:
         aliases:
         - subscriber2.com
 
-  mariadb_container:
+  mariadb:
     image: mariadb:10.2.14
     container_name: mariadb
     hostname: datarouter-mariadb
diff --git a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties b/scripts/dmaap-datarouter/docker-compose/node.properties
index 1d7a5d42..58639cfd 100644
--- a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties
+++ b/scripts/dmaap-datarouter/docker-compose/node.properties
@@ -1,25 +1,20 @@
-#-------------------------------------------------------------------------------
-# ============LICENSE_START==================================================
-# * org.onap.dmaap
-# * ===========================================================================
-# * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
-# * ===========================================================================
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-#  *      http://www.apache.org/licenses/LICENSE-2.0
-# *
-#  * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-# * ============LICENSE_END====================================================
-# *
-# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
-# *
-#-------------------------------------------------------------------------------
+# ============LICENSE_START===================================================
+#  Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
 #
 #    Configuration parameters set at startup for the DataRouter node
 #
diff --git a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties b/scripts/dmaap-datarouter/docker-compose/provserver.properties
index 3930bd09..b54868e2 100755
--- a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties
+++ b/scripts/dmaap-datarouter/docker-compose/provserver.properties
@@ -1,26 +1,20 @@
-#-------------------------------------------------------------------------------
-# ============LICENSE_START==================================================
-# * org.onap.dmaap
-# * ===========================================================================
-# * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
-# * Modifications Copyright (C) 2018 Nokia. All rights reserved.
-# * ===========================================================================
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-#  *      http://www.apache.org/licenses/LICENSE-2.0
-# *
-#  * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-# * ============LICENSE_END====================================================
-# *
-# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
-# *
-#-------------------------------------------------------------------------------
+# ============LICENSE_START===================================================
+#  Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
 
 #Jetty Server properties
 org.onap.dmaap.datarouter.provserver.http.port           = 8080
diff --git a/scripts/dmaap-datarouter/docker-compose/subscriber.properties b/scripts/dmaap-datarouter/docker-compose/subscriber.properties
new file mode 100644
index 00000000..311bbe56
--- /dev/null
+++ b/scripts/dmaap-datarouter/docker-compose/subscriber.properties
@@ -0,0 +1,35 @@
+# ============LICENSE_START===================================================
+#  Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+#Subscriber properties
+org.onap.dmaap.datarouter.subscriber.http.port           = 7070
+org.onap.dmaap.datarouter.subscriber.https.port          = 7443
+org.onap.dmaap.datarouter.subscriber.auth.user           = LOGIN
+org.onap.dmaap.datarouter.subscriber.auth.password       = PASSWORD
+org.onap.dmaap.datarouter.subscriber.delivery.dir        = /opt/app/subscriber/delivery
+
+org.onap.dmaap.datarouter.subscriber.https.relaxation    = true
+org.onap.dmaap.datarouter.subscriber.keystore.type       = jks
+org.onap.dmaap.datarouter.subscriber.keymanager.password = changeit
+org.onap.dmaap.datarouter.subscriber.keystore.path       = /opt/app/datartr/self_signed/keystore.jks
+org.onap.dmaap.datarouter.subscriber.keystore.password   = changeit
+org.onap.dmaap.datarouter.subscriber.truststore.path     = /opt/app/datartr/self_signed/cacerts.jks
+org.onap.dmaap.datarouter.subscriber.truststore.password = changeit
+
+
+
diff --git a/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 b/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12
new file mode 100644
index 00000000..3793a9d4
--- /dev/null
+++ b/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12
diff --git a/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props b/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props
new file mode 100644
index 00000000..e32e7282
--- /dev/null
+++ b/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props
@@ -0,0 +1,17 @@
+############################################################
+# Properties Generated by AT&T Certificate Manager
+#   by root
+#   on 2021-03-12T11:38:49.244+0000
+# @copyright 2019, AT&T
+############################################################
+Challenge=secret
+cadi_alias=dmaap-dr-node@dmaap-dr.onap.org
+cadi_key_password=secret
+#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile
+cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12
+cadi_keystore_password=secret
+cadi_keystore_password_jks=secret
+cadi_keystore_password_p12=secret
+cadi_truststore=/opt/app/osaaf/local/truststore.jks
+cadi_truststore_password=secret
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
diff --git a/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks b/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks
new file mode 100644
index 00000000..91547c60
--- /dev/null
+++ b/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks
diff --git a/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 b/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12
new file mode 100755
index 00000000..1393fb05
--- /dev/null
+++ b/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12
diff --git a/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props b/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props
new file mode 100644
index 00000000..18f91ba8
--- /dev/null
+++ b/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props
@@ -0,0 +1,17 @@
+############################################################
+# Properties Generated by AT&T Certificate Manager
+#   by root
+#   on 2021-03-12T11:29:50.699+0000
+# @copyright 2019, AT&T
+############################################################
+Challenge=secret
+cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org
+cadi_key_password=secret
+#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile
+cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12
+cadi_keystore_password=secret
+cadi_keystore_password_jks=secret
+cadi_keystore_password_p12=secret
+cadi_truststore=/opt/app/osaaf/local/truststore.jks
+cadi_truststore_password=secret
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
diff --git a/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks b/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks
new file mode 100644
index 00000000..91547c60
--- /dev/null
+++ b/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks
diff --git a/scripts/dmaap-datarouter/remove_cert_from_ca.py b/scripts/dmaap-datarouter/remove_cert_from_ca.py
deleted file mode 100644
index 4ed9b777..00000000
--- a/scripts/dmaap-datarouter/remove_cert_from_ca.py
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# ============LICENSE_START=======================================================
-#  Copyright (C) 2019 Nordix Foundation.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-#
-
-import certifi
-import os
-
-cafile = certifi.where()
-number_of_lines_to_delete = 39
-count = 0
-dr_cert_exists = False
-
-with open(cafile, 'r+b', buffering=0) as outfile:
-    for line in outfile.readlines()[-35:-34]:
-        if '# Serial: 0x9EAEEDC0A7CEB59D'.encode() in line:
-            dr_cert_exists = True
-    if dr_cert_exists:
-        outfile.seek(0, os.SEEK_END)
-        end = outfile.tell()
-        while outfile.tell() > 0:
-            outfile.seek(-1, os.SEEK_CUR)
-            char = outfile.read(1)
-            if char == b'\n':
-                count += 1
-            if count == number_of_lines_to_delete:
-                outfile.truncate()
-                print("Removed " + str(number_of_lines_to_delete) + " lines from end of CA File")
-                exit(0)
-            outfile.seek(-1, os.SEEK_CUR)
-    else:
-        print("No DR cert in CA File to remove")
-
-if count < number_of_lines_to_delete + 1:
-    print("Number of lines in file less than number of lines to delete. Exiting...")
-    exit(1)
diff --git a/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem b/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem
new file mode 100644
index 00000000..1f9d08e5
--- /dev/null
+++ b/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem
@@ -0,0 +1,40 @@
+
+# Issuer: C=US,O=ONAP,OU=OSAAF
+# Subject: C=US,O=ONAP,OU=OSAAF
+# Label: ""
+# Serial: 0x9EAEEDC0A7CEB59D
+# MD5 Fingerprint: 77:EB:5E:94:2E:B7:A3:45:97:6C:87:FE:A7:F7:64:0F
+# SHA1 Fingerprint: 90:25:D1:D3:8B:3C:BE:2C:73:E9:6C:1A:48:5B:06:A8:39:0D:54:3B
+# SHA256 Fingerprint: 1F:C2:BB:F6:7E:11:6F:F0:4C:C3:D9:6C:73:E5:99:B7:CA:7D:4D:EF:AA:6C:69:46:0D:2C:7B:A9:E4:23:5F:EA
+-----BEGIN CERTIFICATE-----
+MIIFczCCA1ugAwIBAgIUVl0TXS1NTKZy68+AFpfvCBbs3JwwDQYJKoZIhvcNAQEL
+BQAwQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNVBAoM
+BE9OQVAxDjAMBgNVBAsMBU9TQUFGMB4XDTIxMDMxNjE1MjA1MloXDTQxMDMxMTE1
+MjA1MlowQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNV
+BAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEA1NdArmwTe6C9NZnMAPP0uvy9IH/+Lc9dgO9+j6F+JqLDXn+O5vaj
+6EMU5o60sGzymbMdwk26jiR7KYG8puZzI0EsjwELrLV5NYrUR1y7g+sbJWFUiB0X
+SseifQD9bSG0YBX7J6bQEilh18+oWpXIygl8/VJuiuDhaYdakmwn9AxQRm/zRDcI
+tMS49gq7ARpwMrZaZkQ5eL2R0eX4yj915fAgsvLNmfNTkkTCTBuGYAfixz2+uz8r
+4xZqxXrln6CVe6pV5MOxxQsJq0QfSfNxKFqhVJTSj3STG8UDKDPIcTqVLS6v3/iY
+WX43pHuqjfrGLy3HjPCIWphsx9EWq02bnLvwsnibRgfXjZNbdhePOZV8Xd+4MfHy
+uyFRf5xHvQm3f3vLtCQ1rmHk/3wb2Mb1SbTGt6sL6Waqs/VnnPyTwhXJk6RnU991
+qAnqSCLzKNEPNnpSTQKU35NPbdCAw/z97K5Ar8JWH2XiM65dV0j0d/Ura0PXUXRN
+Royi7rREJKBMFszwxqCCHZkH6/Fbs8vmBWC1gLQgDqK+IgU1/+ytUPOsMVqPcNjM
+RrZyd8xCoxEyd+Ly6y2EF9RE6qS/rlW/yUh3AIBlpcsVxc+Kh1nvNRLLJzHvrvSs
+wvd6LpWHVaffO02hp3suXDwOtLq91lAHLA48iDty/Js+jFjohZJ/+LsCAwEAAaNj
+MGEwHQYDVR0OBBYEFMeiRem06VRh0sL0L5k9B5A01QAoMB8GA1UdIwQYMBaAFMei
+Rem06VRh0sL0L5k9B5A01QAoMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
+AgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBGdpwWyOIw7jBkEJbheeje8ccc51Z0SY/8
+oo/cYi9cI2SNtE4yt9SOZtXiWO1ga1PuFP5vNkPZu3MtqtsDt8CsSgYfgCKX1DH4
+RloTJJO73UKuMmnoqHNsuE6rHRrcoqcV8XJJ9uBz2cDVWfVDG5Pf92lB1cLQ5AGb
+X7O7MKNHu4woFdbbI8f3TN6Qx5oAcrS1alLMuPJhIkwcHuiWdjJuORx2MK4K9gov
+yRJceVyqMiTr7GGYFi/FQKIzIaHeKgQy+YGLfQ1GcbUmVItU4aQMfSM2RXb7wJ90
+XBFi0NjXZfMXVZ9kxqIki/s6NefrDAOFjHINUxGucXjEw1raewprErlsNt/8SUKT
+EDSLe1YD558jzUaqVdWinL6gMRTyyHOwt/51mg4sn3i2WLdL1Hno4F7GUIbkBmi5
+VSDDWnXdpwaFWeqA8JAvy+JIh+Ju671U1HhB68lGRvNOgfZbvW3m8GGpXldR5krR
+OYhwbxdU1rNYHH+DJ0KE4L1Y6es/571+UH7NFbvO6jAk9G/Fudel+SwhXVfFo0pi
+mmXAwT2bmDEiYBzDNHFwyT3+OGKXiDXuMvMB9ic7p3Zk9X0mRtpubW1gfZvUqIqe
+jaVeZdad0DX1yfjwi5zYT+ViI7pjXVYlgiBAnjMrEmWOpRcs793F5zBiyDjaUNFt
+3arVcS9XgA==
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/scripts/dmaap-datarouter/robot_ssl/update_ca.py b/scripts/dmaap-datarouter/robot_ssl/update_ca.py
new file mode 100644
index 00000000..d36f8acc
--- /dev/null
+++ b/scripts/dmaap-datarouter/robot_ssl/update_ca.py
@@ -0,0 +1,65 @@
+# ============LICENSE_START===================================================
+#  Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+import certifi
+import os
+
+
+def add_onap_ca_cert():
+    cafile = certifi.where()
+    dir_path = os.path.dirname(os.path.realpath(__file__))
+    datarouter_ca = dir_path + '/onap_ca_cert.pem'
+    with open(datarouter_ca, 'rb') as infile:
+        customca = infile.read()
+
+    with open(cafile, 'ab') as outfile:
+        outfile.write(customca)
+
+    print("Added DR Cert to CA")
+
+
+def remove_onap_ca_cert():
+    cafile = certifi.where()
+    number_of_lines_to_delete = 40
+    count = 0
+    dr_cert_exists = False
+
+    with open(cafile, 'r+b', buffering=0) as outfile:
+        for line in outfile.readlines()[-36:-35]:
+            if '# Serial: 0x9EAEEDC0A7CEB59D'.encode() in line:
+                dr_cert_exists = True
+        if dr_cert_exists:
+            outfile.seek(0, os.SEEK_END)
+            end = outfile.tell()
+            while outfile.tell() > 0:
+                outfile.seek(-1, os.SEEK_CUR)
+                char = outfile.read(1)
+                if char == b'\n':
+                    count += 1
+                if count == number_of_lines_to_delete:
+                    outfile.truncate()
+                    print(
+                        "Removed " + str(number_of_lines_to_delete) + " lines from end of CA File")
+                    exit(0)
+                outfile.seek(-1, os.SEEK_CUR)
+        else:
+            print("No DR cert in CA File to remove")
+
+    if count < number_of_lines_to_delete + 1:
+        print("Number of lines in file less than number of lines to delete. Exiting...")
+        exit(1)
diff --git a/scripts/dmaap-datarouter/update_ca.py b/scripts/dmaap-datarouter/update_ca.py
deleted file mode 100644
index 0d76e224..00000000
--- a/scripts/dmaap-datarouter/update_ca.py
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# ============LICENSE_START=======================================================
-#  Copyright (C) 2019 Nordix Foundation.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-#
-
-import certifi
-import os
-
-cafile = certifi.where()
-dir_path = os.path.dirname(os.path.realpath(__file__))
-datarouter_ca = dir_path + '/datarouterCA.crt'
-with open(datarouter_ca, 'rb') as infile:
-    customca = infile.read()
-
-with open(cafile, 'ab') as outfile:
-    outfile.write(customca)
-
-print("Added DR Cert to CA")