diff options
author | r.bogacki <r.bogacki@samsung.com> | 2019-08-06 15:45:17 +0200 |
---|---|---|
committer | Ofir Sonsino <ofir.sonsino@intl.att.com> | 2019-08-14 08:07:16 +0000 |
commit | b0bfb079a00826eeb4634c86f4e887c544a363fa (patch) | |
tree | 5020a1649ac4d31b97caf668e8fc8bb4ab457b93 /openecomp-be/dist/sdc-onboard-backend-docker | |
parent | f2b773335f1dd5b71fa83b81c6e788c1c0d10439 (diff) |
HTTPS calls for sdc-onboarding
Implement HTTPS calls into sdc-onboarding
-Added p12 keystore certificate.
-Updated application configuration.
-Added trust-store.
Issue-ID: SDC-2498
Signed-off-by: Robert Bogacki <r.bogacki@samsung.com>
Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
Change-Id: Ia96c42cddee5fd94014963c9d2f584b098693a9a
Diffstat (limited to 'openecomp-be/dist/sdc-onboard-backend-docker')
8 files changed, 10 insertions, 11 deletions
diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb index 844af469aa..566047da6c 100644 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb @@ -5,9 +5,9 @@ default['FE'][:http_port] = 8181 default['FE'][:https_port] = 9443 default['disableHttp'] = true default['cassandra'][:truststore_password] = "Aa123456" -default['jetty'][:keystore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok" -default['jetty'][:keymanager_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok" -default['jetty'][:truststore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok" +default['jetty'][:keystore_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng" +default['jetty'][:keymanager_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng" +default['jetty'][:truststore_pwd] = "Y,f975ZNJfVZhV*{+Y[}pA?0" default['VnfRepo']['vnfRepoPort'] = 8702 default['VnfRepo']['vnfRepoHost'] = "192.168.50.5" @@ -19,7 +19,6 @@ default['cassandra']['socket_read_timeout'] = 20000 default['cassandra']['socket_connect_timeout'] = 20000 default['cassandra']['janusgraph_connection_timeout'] = 10000 - #ExternalTesting default['EXTTEST']['ep1_config'] = "vtp,VTP,true,http://192.168.50.5:8702/onapapi/vnfsdk-marketplace,c.*" default['EXTTEST']['ep2_config'] = "repository,Repository,false,,.*" diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/keystore b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/keystore Binary files differdeleted file mode 100644 index c4083931dc..0000000000 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/keystore +++ /dev/null diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12 b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12 Binary files differnew file mode 100644 index 0000000000..ee000dc749 --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12 diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks Binary files differnew file mode 100644 index 0000000000..342c4f2ad7 --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/truststore b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/truststore Binary files differdeleted file mode 100644 index c4083931dc..0000000000 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/truststore +++ /dev/null diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb index 25f5d4ff65..e482b693e7 100644 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb @@ -6,15 +6,15 @@ directory "Jetty_etcdir_creation" do action :create end -cookbook_file "#{ENV['JETTY_BASE']}/etc/keystore" do - source "keystore" +cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" do + source "org.onap.sdc.p12" owner "jetty" group "jetty" mode 0755 end -cookbook_file "#{ENV['JETTY_BASE']}/etc/truststore" do - source "truststore" +cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" do + source "org.onap.sdc.trust.jks" owner "jetty" group "jetty" mode 0755 diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb index 4e58227241..60148e0d16 100644 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb @@ -1,6 +1,6 @@ #!/bin/bash <% if node[:disableHttp] -%> -health_Check_http_code=$(curl --max-time 5 -o /dev/null -w '%{http_code}' -X GET --header "USER_ID: cs0008" --header "Accept: application/json" "http://127.0.0.1:<%= @ssl_port %>/onboarding-api/v1.0/healthcheck") +health_Check_http_code=$(curl --max-time 5 -o /dev/null -w '%{http_code}' -X GET --header "USER_ID: cs0008" --header "Accept: application/json" "https://127.0.0.1:<%= @ssl_port %>/onboarding-api/v1.0/healthcheck") <% else %> health_Check_http_code=$(curl --max-time 5 -o /dev/null -w '%{http_code}' -X GET --header "USER_ID: cs0008" --header "Accept: application/json" "http://127.0.0.1:<%= @onboard_port %>/onboarding-api/v1.0/healthcheck") <% end -%> diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb index 1f1ff5d394..278fdea2ae 100644 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb @@ -42,10 +42,10 @@ jetty.ssl.port=<%= @https_port %> ## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html ## Keystore file path (relative to $jetty.base) -# jetty.sslContext.keyStorePath=etc/keystore +jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12 ## Truststore file path (relative to $jetty.base) -#jetty.sslContext.trustStorePath=etc/truststore +jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks ## Keystore password # jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 |