diff options
| author |   Jorge Hernandez <jh1730@att.com> | 2018-08-17 16:23:07 -0500 |
|---|---|---|
| committer | Jorge Hernandez <jh1730@att.com> | 2018-08-17 16:31:12 -0500 |
| commit | a7ad88d23b2a59a16c098b156c430a2fe3558023 (patch) | |
| tree | 8056ad9763c6c34b30fe0a8dc0412d597e2c3d6f /packages/base/src/files/install/servers/common | |
| parent | 84df4a428ded309f750f52ac1c104ac84e426fc0 (diff) | |
https certs with aaf+pe containers compatibility
Change-Id: I21ed7a0fea5ea7d62857a077fa2568da4af99d26
Issue-ID: POLICY-1057
Signed-off-by: Jorge Hernandez <jh1730@att.com>
Diffstat (limited to 'packages/base/src/files/install/servers/common')
| -rw-r--r-- | packages/base/src/files/install/servers/common/tomcat/bin/setenv.sh | 5 | ||||
| -rw-r--r-- | packages/base/src/files/install/servers/common/tomcat/conf/server.xml | 6 |
2 files changed, 8 insertions, 3 deletions
diff --git a/packages/base/src/files/install/servers/common/tomcat/bin/setenv.sh b/packages/base/src/files/install/servers/common/tomcat/bin/setenv.sh index dc9bfbc36..d86f737f2 100644 --- a/packages/base/src/files/install/servers/common/tomcat/bin/setenv.sh +++ b/packages/base/src/files/install/servers/common/tomcat/bin/setenv.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ### # ============LICENSE_START======================================================= # ONAP Policy Engine @@ -24,8 +25,8 @@ CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.ssl=false" CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote.authenticate=false" CATALINA_OPTS="${CATALINA_OPTS} -Djavax.net.ssl.keyStore=${POLICY_HOME}/etc/ssl/policy-keystore" CATALINA_OPTS="${CATALINA_OPTS} -Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASSWD}" -CATALINA_OPTS="${CATALINA_OPTS} -Djavax.net.ssl.trustStore=${POLICY_HOME}/etc/ssl/policy-keystore" -CATALINA_OPTS="${CATALINA_OPTS} -Djavax.net.ssl.trustStorePassword=${KEYSTORE_PASSWD}" +CATALINA_OPTS="${CATALINA_OPTS} -Djavax.net.ssl.trustStore=${POLICY_HOME}/etc/ssl/policy-truststore" +CATALINA_OPTS="${CATALINA_OPTS} -Djavax.net.ssl.trustStorePassword=${TRUSTSTORE_PASSWD}" CATALINA_OPTS="${CATALINA_OPTS} -DPOLICY_LOGS=${POLICY_LOGS}" CATALINA_OPTS="${CATALINA_OPTS} -Xms${{TOMCAT_X_MS_MB}}M" CATALINA_OPTS="${CATALINA_OPTS} -Xmx${{TOMCAT_X_MX_MB}}M" diff --git a/packages/base/src/files/install/servers/common/tomcat/conf/server.xml b/packages/base/src/files/install/servers/common/tomcat/conf/server.xml index a78dfc82e..02c548c80 100644 --- a/packages/base/src/files/install/servers/common/tomcat/conf/server.xml +++ b/packages/base/src/files/install/servers/common/tomcat/conf/server.xml @@ -104,10 +104,14 @@ documentation --> <!-- Use http instead of https + Setting the keystore and truststore in the connector, overrides the javax.net.ssl system properties + passed in to the tomcat JVM: + <Connector port="${{SSL_HTTP_CONNECTOR_PORT}}" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslEnabledProtocols="TLSv1, TLSv1.1, TLSv1.2" - keystoreFile="${{POLICY_HOME}}/etc/ssl/policy-keystore" keystorePass="${{KEYSTORE_PASSWD}}"/> + keystoreFile="${{POLICY_HOME}}/etc/ssl/policy-keystore" keystorePass="${{KEYSTORE_PASSWD}}" + truststoreFile="${{POLICY_HOME}}/etc/ssl/policy-truststore" truststorePass="${{TRUSTSTORE_PASSWD}}"/> --> <Connector port="${{SSL_HTTP_CONNECTOR_PORT}}" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" /> |