aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--packages/base/src/files/etc/ssl/policy-keystorebin0 -> 114865 bytes
-rw-r--r--packages/docker/src/main/docker/do-start.sh8
-rw-r--r--packages/docker/src/main/docker/docker-install.sh17
-rw-r--r--policy-management/src/main/server/config/system.properties2
4 files changed, 21 insertions, 6 deletions
diff --git a/packages/base/src/files/etc/ssl/policy-keystore b/packages/base/src/files/etc/ssl/policy-keystore
new file mode 100644
index 00000000..c3890965
--- /dev/null
+++ b/packages/base/src/files/etc/ssl/policy-keystore
Binary files differ
diff --git a/packages/docker/src/main/docker/do-start.sh b/packages/docker/src/main/docker/do-start.sh
index c1ae41d2..dfb65e52 100644
--- a/packages/docker/src/main/docker/do-start.sh
+++ b/packages/docker/src/main/docker/do-start.sh
@@ -56,10 +56,10 @@ else
. /opt/app/policy/etc/profile.d/env.sh
- # install policy keystore
-
- mkdir -p ${POLICY_HOME}/etc/ssl
- cp config/policy-keystore ${POLICY_HOME}/etc/ssl
+ if [[ -f config/policy-keystore ]]; then
+ # install policy keystore if present
+ cp config/policy-keystore ${POLICY_HOME}/etc/ssl
+ fi
if [[ -x config/drools-tweaks.sh ]] ; then
echo "Executing tweaks"
diff --git a/packages/docker/src/main/docker/docker-install.sh b/packages/docker/src/main/docker/docker-install.sh
index 4c647f11..c17cba2a 100644
--- a/packages/docker/src/main/docker/docker-install.sh
+++ b/packages/docker/src/main/docker/docker-install.sh
@@ -239,6 +239,20 @@ function configure_settings() {
}
+function configure_keystore() {
+ if [[ $DEBUG == y ]]; then
+ echo "-- ${FUNCNAME[0]} $@ --"
+ set -x
+ fi
+
+ local DEFAULT_KEYSTORE_PASSWORD="Pol1cy_0nap"
+
+ if [[ -n ${KEYSTORE_PASSWD} ]]; then
+ keytool -storepasswd -storepass ${DEFAULT_KEYSTORE_PASSWORD} -keystore ${POLICY_HOME}/etc/ssl/policy-keystore -new ${KEYSTORE_PASSWD}
+ keytool -list -keystore ${POLICY_HOME}/etc/ssl/policy-keystore -storepass ${KEYSTORE_PASSWD}
+ fi
+}
+
function check_r_file() {
if [[ $DEBUG == y ]]; then
@@ -329,7 +343,8 @@ function configure_base() {
configure_component "${BASE_CONF}" "${POLICY_HOME}"
configure_settings
-
+ configure_keystore
+
BASH_PROFILE_LINE=". ${POLICY_HOME}/etc/profile.d/env.sh"
PROFILE_LINE="ps -p \$\$ | grep -q bash || . ${POLICY_HOME}/etc/profile.d/env.sh"
diff --git a/policy-management/src/main/server/config/system.properties b/policy-management/src/main/server/config/system.properties
index fbac119a..7f92c879 100644
--- a/policy-management/src/main/server/config/system.properties
+++ b/policy-management/src/main/server/config/system.properties
@@ -28,7 +28,7 @@ com.sun.management.jmxremote.ssl=false
# certs
-javax.net.ssl.trustStore=/opt/app/policy/etc/ssl/policy-keystore
+javax.net.ssl.trustStore=${{POLICY_HOME}}/etc/ssl/policy-keystore
javax.net.ssl.trustStorePassword=${{KEYSTORE_PASSWD}}
# standard logging