summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2021-11-15 10:25:55 +0000
committerGerrit Code Review <gerrit@onap.org>2021-11-15 10:25:55 +0000
commit24b065f99849c6b306e55890dd0d1f8e8f1a9356 (patch)
tree4e01907c82c47ed94480328677c6b9b6ba414a61 /kubernetes/aai/components/aai-graphadmin/resources/config/application.properties
parentec4b3f210fa5c2544dc260094c326ceb8995b265 (diff)
parentc57b58ddca8fa19fad93b3aea70e556ad6f045d8 (diff)
Merge "[AAI][SCHEMA] Remove Hardcoded certificates"
Diffstat (limited to 'kubernetes/aai/components/aai-graphadmin/resources/config/application.properties')
-rw-r--r--kubernetes/aai/components/aai-graphadmin/resources/config/application.properties27
1 files changed, 14 insertions, 13 deletions
diff --git a/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties b/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties
index 367e9038cd..27606021ef 100644
--- a/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties
+++ b/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties
@@ -4,6 +4,7 @@
# org.onap.aai
# ================================================================================
# Copyright � 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2021 Orange
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -44,16 +45,16 @@ server.tomcat.max-idle-time=60000
# If you get an application startup failure that the port is already taken
# If thats not it, please check if the key-store file path makes sense
-server.local.startpath=aai-graphadmin/src/main/resources/
+server.local.startpath=/opt/app/aai-graphadmin/resources/
server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties
server.port=8449
{{ if ( include "common.needTLS" .) }}
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
-server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
-server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
-server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.jks
+server.ssl.key-store-password=password(${KEYSTORE_JKS_PASSWORD})
+server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+server.ssl.trust-store-password=password(${TRUSTSTORE_PASSWORD})
server.ssl.client-auth=want
server.ssl.key-store-type=JKS
{{ else }}
@@ -103,10 +104,10 @@ schema.service.versions.endpoint=versions
schema.service.client={{ (eq "true" (include "common.needTLS" .)) | ternary .Values.global.config.schema.service.client "no-auth" }}
{{ if ( include "common.needTLS" .) }}
-schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
-schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
-schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
-schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+schema.service.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.jks
+schema.service.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+schema.service.ssl.key-store-password=password(${KEYSTORE_JKS_PASSWORD})
+schema.service.ssl.trust-store-password=password(${TRUSTSTORE_PASSWORD})
{{ end }}
aperture.rdbmsname=aai_relational
@@ -115,9 +116,9 @@ aperture.service.client={{ (eq "true" (include "common.needTLS" .)) | ternary .V
aperture.service.base.url=http://localhost:8457/aai/aperture
{{ if ( include "common.needTLS" .) }}
-aperture.service.ssl.key-store=${server.local.startpath}etc/auth/{{ .Values.global.config.keystore.filename }}
-aperture.service.ssl.trust-store=${server.local.startpath}etc/auth/{{ .Values.global.config.truststore.filename }}
-aperture.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
-aperture.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+aperture.service.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.jks
+aperture.service.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+aperture.service.ssl.key-store-password=password(${KEYSTORE_JKS_PASSWORD})
+aperture.service.ssl.trust-store-password=password(${TRUSTSTORE_PASSWORD})
{{ end }}
aperture.service.timeout-in-milliseconds=300000