From 1ebfe6b467e5a6a42c756f225397da76f9e3dfc2 Mon Sep 17 00:00:00 2001 From: xuegao Date: Thu, 28 Nov 2019 15:13:18 +0100 Subject: Merge ssl password Use the aaf encrypted ssl password fot server.ssl parameters Issue-ID: CLAMP-339 Change-Id: I8869bb527f2851c1d298cd03e45327791a8acfab Signed-off-by: xuegao --- src/main/resources/application-noaaf.properties | 12 ++++++++---- src/main/resources/application.properties | 15 ++++++++------- 2 files changed, 16 insertions(+), 11 deletions(-) (limited to 'src/main/resources') diff --git a/src/main/resources/application-noaaf.properties b/src/main/resources/application-noaaf.properties index 79466c89f..d389b211c 100644 --- a/src/main/resources/application-noaaf.properties +++ b/src/main/resources/application-noaaf.properties @@ -55,21 +55,25 @@ server.port=8443 ## Config part for Server certificates # Can be a classpath parameter instead of file:/ server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12 -server.ssl.key-store-password=China in the Spring -server.ssl.key-password=China in the Spring +server.ssl.key-store-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc +server.ssl.key-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc server.ssl.key-store-type=PKCS12 server.ssl.key-alias=clamp@clamp.onap.org ## Config part for Client certificates server.ssl.client-auth=want server.ssl.trust-store=classpath:/clds/aaf/truststoreONAPall.jks -server.ssl.trust-store-password=changeit +server.ssl.trust-store-password=enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ + +# The key file used to decode the key store and trust store password +# If not defined, the key store and trust store password will not be decrypted +clamp.config.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile #server.http-to-https-redirection.port=8080 server.servlet.context-path=/ #Modified engine-rest applicationpath -spring.profiles.active=clamp-default,clamp-default-user,clamp-sdc-controller-new +spring.profiles.active=clamp-default,clamp-default-user,clamp-sdc-controller-new,clamp-ssl-config spring.http.converters.preferred-json-mapper=gson #The max number of active threads in this pool diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 3ac6fa255..b97d64364 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -60,21 +60,25 @@ server.port=8443 ## Config part for Server certificates # Can be a classpath parameter instead of file:/ server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12 -server.ssl.key-store-password=China in the Spring -server.ssl.key-password=China in the Spring +server.ssl.key-store-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc +server.ssl.key-password=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc server.ssl.key-store-type=PKCS12 server.ssl.key-alias=clamp@clamp.onap.org +# The key file used to decode the key store and trust store password +# If not defined, the key store and trust store password will not be decrypted +clamp.config.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile + ## Config part for Client certificates server.ssl.client-auth=want server.ssl.trust-store=classpath:/clds/aaf/truststoreONAPall.jks -server.ssl.trust-store-password=changeit +server.ssl.trust-store-password=enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ #server.http-to-https-redirection.port=8080 server.servlet.context-path=/ #Modified engine-rest applicationpath -spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller-new +spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller-new,clamp-ssl-config spring.http.converters.preferred-json-mapper=gson #The max number of active threads in this pool @@ -240,13 +244,10 @@ clamp.config.security.permission.instance=dev clamp.config.security.authentication.class=org.onap.aaf.cadi.principal.X509Principal #AAF related parameters -clamp.config.cadi.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile clamp.config.cadi.cadiLoglevel=DEBUG clamp.config.cadi.cadiLatitude=10 clamp.config.cadi.cadiLongitude=10 clamp.config.cadi.aafLocateUrl=https://aaf-locate:8095 -clamp.config.cadi.cadiKeystorePassword=enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc -clamp.config.cadi.cadiTruststorePassword=enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ clamp.config.cadi.oauthTokenUrl= https://AAF_LOCATE_URL/locate/onap.org.osaaf.aaf.token:2.1/token clamp.config.cadi.oauthIntrospectUrll=https://AAF_LOCATE_URL/locate/onap.org.osaaf.aaf.introspect:2.1/introspect clamp.config.cadi.aafEnv=DEV -- cgit 1.2.3-korg