From dcc4bdc4e0f8b614e36a7ef0a2d97e2b6b5e3201 Mon Sep 17 00:00:00 2001 From: sebdet Date: Tue, 15 Oct 2019 14:04:00 +0200 Subject: Update AAF certificate Update the AAF certificate as the previous one will expire soon Issue-ID: CLAMP-536 Change-Id: Ia900449fcb1b327d60ae8f9c628610151ed70f0d Signed-off-by: sebdet --- src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src/main/java/org/onap') diff --git a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java index cd141ae77..68544de67 100644 --- a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java +++ b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java @@ -46,6 +46,7 @@ import javax.servlet.http.HttpServletRequest; import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.filter.CadiFilter; +import org.onap.clamp.clds.util.ResourceFileUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.ApplicationContext; @@ -150,13 +151,17 @@ public class ClampCadiFilter extends CadiFilter { X509Certificate cert = (X509Certificate) certificateFactory .generateCertificate(new ByteArrayInputStream( URLDecoder.decode(certHeader, StandardCharsets.UTF_8.toString()).getBytes())); + X509Certificate caCert = (X509Certificate) certificateFactory + .generateCertificate(new ByteArrayInputStream(ResourceFileUtil.getResourceAsString("clds/aaf/ssl/ca-certs.pem").getBytes())); + X509Certificate[] certifArray = ((X509Certificate[]) request .getAttribute("javax.servlet.request.X509Certificate")); if (certifArray == null) { - certifArray = new X509Certificate[] { cert }; + certifArray = new X509Certificate[] { cert, caCert }; request.setAttribute("javax.servlet.request.X509Certificate", certifArray); } else { certifArray[0] = cert; + certifArray[1] = caCert; } } -- cgit 1.2.3-korg