From 72d646c18a563bb5130c8c7e099586c4f33dbd2c Mon Sep 17 00:00:00 2001
From: jhh <jorge.hernandez-herrero@att.com>
Date: Tue, 23 Mar 2021 12:53:01 -0500
Subject: Update cert stores configuration

Issue-ID: POLICY-3158
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: Iee453ea70e0ebd9a82c0126ffedd8f5632783d6f
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
(cherry picked from commit 605ce7bb27bd15f45064418a05599acdea373562)
---
 packages/install/src/files/base.conf                       |  6 +++++-
 .../src/main/server/config/aaf-system.properties           | 14 +++++++-------
 .../src/main/server/config/engine-system.properties        | 10 +++++-----
 3 files changed, 17 insertions(+), 13 deletions(-)

diff --git a/packages/install/src/files/base.conf b/packages/install/src/files/base.conf
index 19a5e44b..040f7cdc 100644
--- a/packages/install/src/files/base.conf
+++ b/packages/install/src/files/base.conf
@@ -28,7 +28,11 @@ JVM_OPTIONS=-server -Xms512m -Xmx1024m
 POLICY_HOME=/opt/app/policy
 POLICY_LOGS=/opt/app/policy/logs
 JAVA_HOME=/usr/lib/jvm/java-11-openjdk
+
+KEYSTORE=/opt/app/policy/etc/ssl/policy-keystore
 KEYSTORE_PASSWD=Pol1cy_0nap
+
+TRUSTSTORE=/opt/app/policy/etc/ssl/policy-truststore
 TRUSTSTORE_PASSWD=Pol1cy_0nap
 
 # System proxy settings
@@ -40,7 +44,6 @@ TRUSTSTORE_PASSWD=Pol1cy_0nap
 #https_proxy=
 
 # Telemetry credentials
-
 TELEMETRY_PORT=9696
 TELEMETRY_HOST=0.0.0.0
 TELEMETRY_USER=
@@ -75,6 +78,7 @@ SQL_PASSWORD=
 AAF=false
 AAF_NAMESPACE=org.onap.policy
 AAF_HOST=aaf-onap-test.osaaf.org
+CADI_KEYFILE=/opt/app/policy/config/aaf-cadi.keyfile
 
 # PDP-D DMaaP configuration channel
 
diff --git a/policy-management/src/main/server/config/aaf-system.properties b/policy-management/src/main/server/config/aaf-system.properties
index 645bad28..9e64017f 100644
--- a/policy-management/src/main/server/config/aaf-system.properties
+++ b/policy-management/src/main/server/config/aaf-system.properties
@@ -2,7 +2,7 @@
 # ============LICENSE_START=======================================================
 # ONAP
 # ================================================================================
-# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (C) 2019, 2021 AT&T Intellectual Property. All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -32,12 +32,12 @@ cadi_longitude=-72.000
 cadi_loglevel=DEBUG
 
 cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US
-cadi_keyfile=${env:POLICY_HOME}/config/aaf-cadi.keyfile
-cadi_keystore=${env:POLICY_HOME}/etc/ssl/policy-keystore
-cadi_keystore_password=${env:KEYSTORE_PASSWD}
-cadi_key_password=${env:KEYSTORE_PASSWD}
+cadi_keyfile=${envd:CADI_KEYFILE:/opt/app/policy/config/aaf-cadi.keyfile}
+cadi_keystore=${envd:KEYSTORE:/opt/app/policy/etc/ssl/policy-keystore}
+cadi_keystore_password=${envd:KEYSTORE_PASSWD:Pol1cy_0nap}
+cadi_key_password=${envd:KEYSTORE_PASSWD:Pol1cy_0nap}
 cadi_alias=policy@policy.onap.org
-cadi_truststore=${env:POLICY_HOME}/etc/ssl/policy-truststore
-cadi_truststore_password=${env:TRUSTSTORE_PASSWD}
+cadi_truststore=${envd:TRUSTSTORE:/opt/app/policy/etc/ssl/policy-truststore}
+cadi_truststore_password=${envd:TRUSTSTORE_PASSWD:Pol1cy_0nap}
 
 cm_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.cm:2.1
diff --git a/policy-management/src/main/server/config/engine-system.properties b/policy-management/src/main/server/config/engine-system.properties
index cded4f24..722e7c2a 100644
--- a/policy-management/src/main/server/config/engine-system.properties
+++ b/policy-management/src/main/server/config/engine-system.properties
@@ -2,7 +2,7 @@
 # ============LICENSE_START=======================================================
 # ONAP
 # ================================================================================
-# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (C) 2019, 2021 AT&T Intellectual Property. All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -30,11 +30,11 @@ com.sun.management.jmxremote.ssl=false
 
 # certs
 
-javax.net.ssl.trustStore=${envd:POLICY_HOME:/opt/app/policy}/etc/ssl/policy-truststore
-javax.net.ssl.trustStorePassword=${envd:TRUSTSTORE_PASSWD}
+javax.net.ssl.trustStore=${envd:TRUSTSTORE:/opt/app/policy/etc/ssl/policy-truststore}
+javax.net.ssl.trustStorePassword=${envd:TRUSTSTORE_PASSWD:Pol1cy_0nap}
 
-javax.net.ssl.keyStore=${envd:POLICY_HOME:/opt/app/policy}/etc/ssl/policy-keystore
-javax.net.ssl.keyStorePassword=${envd:KEYSTORE_PASSWD}
+javax.net.ssl.keyStore=${envd:KEYSTORE:/opt/app/policy/etc/ssl/policy-keystore}
+javax.net.ssl.keyStorePassword=${envd:KEYSTORE_PASSWD:Pol1cy_0nap}
 
 # kie
 
-- 
cgit 1.2.3-korg