diff options
| author |   Aleksandra Maciaga <aleksandra.maciaga@nokia.com> | 2020-03-26 17:28:47 +0100 |
|---|---|---|
| committer |   Michal Banka <michal.banka@nokia.com> | 2020-04-03 15:16:10 +0200 |
| commit | 13b7d05f2c457cea4a5f78fe4dbb6d1d99a6f450 (patch) | |
| tree | 73792f6f545cb89f4cff29e31e029c06c7909c4e /plans/aaf/certservice/setup.sh | |
| parent | 1ebe7ecef97bdac055c8ed67c5b379a4f6c89c4c (diff) | |
Change AAF Certservice CSITs to send requests via HTTPS
Signed-off-by: Aleksandra Maciaga <aleksandra.maciaga@nokia.com>
Signed-off-by: Michal Banka <michal.banka@nokia.com>
Change-Id: Ia7b5d8d548f4ae3727302772fc56e6b0142b0da0
Issue-ID: AAF-1084
Diffstat (limited to 'plans/aaf/certservice/setup.sh')
| -rw-r--r-- | plans/aaf/certservice/setup.sh | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/plans/aaf/certservice/setup.sh b/plans/aaf/certservice/setup.sh index 93d65f78..b23b7192 100644 --- a/plans/aaf/certservice/setup.sh +++ b/plans/aaf/certservice/setup.sh @@ -71,15 +71,26 @@ echo "Use configuration from: $CONFIGURATION_PATH" export CONFIGURATION_PATH=${CONFIGURATION_PATH} export SCRIPTS_PATH=${SCRIPTS_PATH} +#Generate keystores, truststores, certificates and keys +mkdir -p ${WORKSPACE}/tests/aaf/certservice/assets/certs/ +make all -C ./certs/ +cp ${WORKSPACE}/plans/aaf/certservice/certs/root.crt ${WORKSPACE}/tests/aaf/certservice/assets/certs/root.crt +echo "Generated keystores" +openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.crt +echo "Generated server certificate" +openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret| sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.key +echo "Generated server key" + docker-compose up -d AAFCERT_IP='none' # Wait container ready for i in {1..9} do - AAFCERT_IP=`get-instance-ip.sh aafcert` - RESP_CODE=$(curl -I -s -o /dev/null -w "%{http_code}" http://${AAFCERT_IP}:8080/actuator/health) - if [[ "$RESP_CODE" == '200' ]]; then + AAFCERT_IP=`get-instance-ip.sh aafcert-service` + RESP_CODE=$(curl -s https://localhost:8443/actuator/health --cacert ./certs/root.crt --cert-type p12 --cert ./certs/certServiceServer-keystore.p12 --pass secret | \ + python2 -c 'import json,sys;obj=json.load(sys.stdin);print obj["status"]') + if [[ "$RESP_CODE" == "UP" ]]; then echo 'AAF Cert Service is ready' export AAFCERT_IP=${AAFCERT_IP} docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh |