From 1e99719c0224863cf26c5362243a4fa1b955c362 Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Sun, 28 Feb 2021 14:59:22 +0100 Subject: [AAI][BABEL] Remove Hardcoded certificates Use Certinitializer in order to retrieve needed certificates. Change ModelLoader also as it needs valid certificate to communicate with Babel. Issue-ID: OOM-2693 Signed-off-by: Sylvain Desbureaux Change-Id: I64b8ede24643f942dc99956030c202c50d41ad1e --- .../resources/config/application.properties | 25 +++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) (limited to 'kubernetes/aai/components/aai-babel/resources/config/application.properties') diff --git a/kubernetes/aai/components/aai-babel/resources/config/application.properties b/kubernetes/aai/components/aai-babel/resources/config/application.properties index 21ed6cd9ee..6a3a74c0a6 100644 --- a/kubernetes/aai/components/aai-babel/resources/config/application.properties +++ b/kubernetes/aai/components/aai-babel/resources/config/application.properties @@ -1,14 +1,33 @@ +{{/* +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright © 2021 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} server.port=9516 {{ if ( include "common.needTLS" .) }} -server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore +server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 +server.ssl.key-store-password=${KEYSTORE_PASSWORD} +server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks +server.ssl.trust-store-password=${TRUSTSTORE_PASSWORD} server.ssl.client-auth=need +server.ssl.key-store-type=PKCS12 {{ else }} security.require-ssl=false server.ssl.enabled=false {{ end }} +spring.main.allow-bean-definition-overriding=true server.servlet.context-path=/services/babel-service - logging.config=${CONFIG_HOME}/logback.xml - tosca.mappings.config=${CONFIG_HOME}/tosca-mappings.json -- cgit 1.2.3-korg