diff options
| author |   xuegao <xg353y@intl.att.com> | 2019-11-28 15:13:18 +0100 |
|---|---|---|
| committer | xuegao <xg353y@intl.att.com> | 2019-11-29 16:23:22 +0100 |
| commit | 1ebfe6b467e5a6a42c756f225397da76f9e3dfc2 (patch) | |
| tree | 29c55623caf2373cd51f71ceb80d80e513a1c330 /src/main/resources | |
| parent | 876d1a49367b4614680954913590372d773ec8ec (diff) | |
Merge ssl password
Use the aaf encrypted ssl password fot server.ssl parameters
Issue-ID: CLAMP-339
Change-Id: I8869bb527f2851c1d298cd03e45327791a8acfab
Signed-off-by: xuegao <xg353y@intl.att.com>
Diffstat (limited to 'src/main/resources')
| -rw-r--r-- | src/main/resources/application-noaaf.properties | 12 | ||||
| -rw-r--r-- | src/main/resources/application.properties | 15 |
2 files changed, 16 insertions, 11 deletions
diff --git a/src/main/resources/application-noaaf.properties b/src/main/resources/application-noaaf.properties index 79466c89f..d389b211c 100644 --- a/src/main/resources/application-noaaf.properties +++ b/src/main/resources/application-noaaf.properties @@ -55,21 +55,25 @@ server.port=8443 ## Config part for Server certificates # Can be a classpath parameter instead of file:/ server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12 -server.ssl.key-store-password=China in the Spring -server.ssl.key-password=China in the Spring +server.ssl.key-store-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc +server.ssl.key-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc server.ssl.key-store-type=PKCS12 server.ssl.key-alias=clamp@clamp.onap.org ## Config part for Client certificates server.ssl.client-auth=want server.ssl.trust-store=classpath:/clds/aaf/truststoreONAPall.jks -server.ssl.trust-store-password=changeit +server.ssl.trust-store-password=enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ + +# The key file used to decode the key store and trust store password +# If not defined, the key store and trust store password will not be decrypted +clamp.config.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile #server.http-to-https-redirection.port=8080 server.servlet.context-path=/ #Modified engine-rest applicationpath -spring.profiles.active=clamp-default,clamp-default-user,clamp-sdc-controller-new +spring.profiles.active=clamp-default,clamp-default-user,clamp-sdc-controller-new,clamp-ssl-config spring.http.converters.preferred-json-mapper=gson #The max number of active threads in this pool diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 3ac6fa255..b97d64364 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -60,21 +60,25 @@ server.port=8443 ## Config part for Server certificates # Can be a classpath parameter instead of file:/ server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12 -server.ssl.key-store-password=China in the Spring -server.ssl.key-password=China in the Spring +server.ssl.key-store-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc +server.ssl.key-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc server.ssl.key-store-type=PKCS12 server.ssl.key-alias=clamp@clamp.onap.org +# The key file used to decode the key store and trust store password +# If not defined, the key store and trust store password will not be decrypted +clamp.config.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile + ## Config part for Client certificates server.ssl.client-auth=want server.ssl.trust-store=classpath:/clds/aaf/truststoreONAPall.jks -server.ssl.trust-store-password=changeit +server.ssl.trust-store-password=enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ #server.http-to-https-redirection.port=8080 server.servlet.context-path=/ #Modified engine-rest applicationpath -spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller-new +spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller-new,clamp-ssl-config spring.http.converters.preferred-json-mapper=gson #The max number of active threads in this pool @@ -240,13 +244,10 @@ clamp.config.security.permission.instance=dev clamp.config.security.authentication.class=org.onap.aaf.cadi.principal.X509Principal #AAF related parameters -clamp.config.cadi.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile clamp.config.cadi.cadiLoglevel=DEBUG clamp.config.cadi.cadiLatitude=10 clamp.config.cadi.cadiLongitude=10 clamp.config.cadi.aafLocateUrl=https://aaf-locate:8095 -clamp.config.cadi.cadiKeystorePassword=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc -clamp.config.cadi.cadiTruststorePassword=enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ clamp.config.cadi.oauthTokenUrl= https://AAF_LOCATE_URL/locate/onap.org.osaaf.aaf.token:2.1/token clamp.config.cadi.oauthIntrospectUrll=https://AAF_LOCATE_URL/locate/onap.org.osaaf.aaf.introspect:2.1/introspect clamp.config.cadi.aafEnv=DEV |