Changes related to TLS implemenation for oof-has

update oof certificates to add has hostnames
updating oof certs to the latest generated date

Change-Id: Ib9191d66eb491975f74062ee5e28b762d9cce9c1
Issue-ID: OPTFRA-461
Signed-off-by: Ikramullah, Ikram <ikram@research.att.com>
Signed-off-by: Shankar Narayanan <snarayanan@research.att.com>

1 files changed, 31 insertions, 0 deletions

diff --git a/kubernetes/oof/charts/oof-has/resources/config/nginx.conf b/kubernetes/oof/charts/oof-has/resources/config/nginx.conf
new file mode 100644
index 0000000000..3db6a21c3a
--- /dev/null
+++ b/kubernetes/oof/charts/oof-has/resources/config/nginx.conf
@@ -0,0 +1,31 @@
+events {
+        worker_connections 768;
+        # multi_accept on;
+}
+
+http {
+    # ...
+    upstream conductor_uwsgi {
+       server 127.0.0.1:80;
+    }
+
+    server {
+
+        listen              8091 ssl;
+        server_name         oof;
+        ssl_certificate     /etc/nginx/ssl/org.onap.oof.crt;
+        ssl_certificate_key /etc/nginx/ssl/org.onap.oof.key;
+        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+        ssl_ciphers         HIGH:!aNULL:!MD5;
+
+        location / {
+            include /etc/nginx/uwsgi_params;
+            uwsgi_pass conductor_uwsgi;
+
+            uwsgi_param Host $host;
+            uwsgi_param X-Real-IP $remote_addr;
+            uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for;
+            uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
+        }
+    }
+}