[SDC-9] TLS 1.2 and HTTPS

Change-Id: I271ba4a4b45ab9792636faffe6d1c151ec591fd9 Signed-off-by: Pavel Aharoni <pa0916@att.com>
author: Pavel Aharoni <pa0916@att.com> 2017-04-18 13:24:50 +0300
committer: Pavel Aharoni <pa0916@att.com> 2017-04-18 13:25:21 +0300
commit: b9e7afd028547fa7d000b3982f24ec32f06235db (patch)
tree: 0033af0a187c3cfc1a533b9dfdc19cd5ecac8310
parent: 429b875ade17cf4fbd5d6fb9a9ff8e4abe34973e (diff)
8 files changed, 15 insertions, 15 deletions
diff --git a/jython-tosca-parser/pom.xml b/jython-tosca-parser/pom.xml
index 01507cc..ea942b7 100644
--- a/jython-tosca-parser/pom.xml
+++ b/jython-tosca-parser/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.openecomp.sdc.sdc-distribution-client</groupId>
 		<artifactId>sdc-main-distribution-client</artifactId>
-		<version>1.1.6-SNAPSHOT</version>
+		<version>1.1.7-SNAPSHOT</version>
 	</parent>
 	
 	<artifactId>jython-tosca-parser</artifactId>
diff --git a/pom.xml b/pom.xml
index 3235dcd..53b21e6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
 
 	<groupId>org.openecomp.sdc.sdc-distribution-client</groupId>
 	<artifactId>sdc-main-distribution-client</artifactId>
-	<version>1.1.6-SNAPSHOT</version>
+	<version>1.1.7-SNAPSHOT</version>
 	<packaging>pom</packaging>
 
 	<modules>
diff --git a/sdc-distribution-ci/pom.xml b/sdc-distribution-ci/pom.xml
index a570d62..61d67f2 100644
--- a/sdc-distribution-ci/pom.xml
+++ b/sdc-distribution-ci/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>org.openecomp.sdc.sdc-distribution-client</groupId>
 		<artifactId>sdc-main-distribution-client</artifactId>
-		<version>1.1.6-SNAPSHOT</version>
+		<version>1.1.7-SNAPSHOT</version>
 	</parent>
 
 	<artifactId>sdc-distribution-ci</artifactId>
diff --git a/sdc-distribution-client/pom.xml b/sdc-distribution-client/pom.xml
index 9ec6d02..14e03b5 100644
--- a/sdc-distribution-client/pom.xml
+++ b/sdc-distribution-client/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>org.openecomp.sdc.sdc-distribution-client</groupId>
 		<artifactId>sdc-main-distribution-client</artifactId>
-		<version>1.1.6-SNAPSHOT</version>
+		<version>1.1.7-SNAPSHOT</version>
 	</parent>
 
 	<artifactId>sdc-distribution-client</artifactId>
diff --git a/sdc-distribution-client/src/main/java/org/openecomp/sdc/http/HttpAsdcClient.java b/sdc-distribution-client/src/main/java/org/openecomp/sdc/http/HttpAsdcClient.java
index a08416c..6eb2ebd 100644
--- a/sdc-distribution-client/src/main/java/org/openecomp/sdc/http/HttpAsdcClient.java
+++ b/sdc-distribution-client/src/main/java/org/openecomp/sdc/http/HttpAsdcClient.java
@@ -67,7 +67,7 @@ import org.slf4j.LoggerFactory;
 
 public class HttpAsdcClient implements IHttpAsdcClient {
 
-	private static final String TLS = "TLS";
+	private static final String TLS = "TLSv1.2";
 	private static final String AUTHORIZATION_HEADER = "Authorization";
 	private static final String HTTPS = "https://";
 	private static Logger log = LoggerFactory.getLogger(DistributionClientImpl.class.getName());
@@ -178,8 +178,7 @@ public class HttpAsdcClient implements IHttpAsdcClient {
 				sslContext.init(null, tms, null);
 				SSLContext.setDefault(sslContext);
 
-				SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1", "TLSv1.1" }, null, hostnameVerifier);
-				httpClient = HttpClientBuilder.create().setDefaultCredentialsProvider(credsProvider).setSSLSocketFactory(sslsf).build();
+				
 
 			} else {
 
@@ -192,9 +191,10 @@ public class HttpAsdcClient implements IHttpAsdcClient {
 				});
 
 				sslContext = builder.build();
-
-				httpClient = HttpClientBuilder.create().setSSLHostnameVerifier(hostnameVerifier).setSslcontext(sslContext).setDefaultCredentialsProvider(credsProvider).build();
 			}
+			
+			SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1.2" }, null, hostnameVerifier);
+			httpClient = HttpClientBuilder.create().setDefaultCredentialsProvider(credsProvider).setSSLSocketFactory(sslsf).build();
 
 		} catch (Exception e) {
 			log.error("Failed to create https client", e);
diff --git a/sdc-distribution-client/src/main/java/org/openecomp/sdc/impl/DistributionClientImpl.java b/sdc-distribution-client/src/main/java/org/openecomp/sdc/impl/DistributionClientImpl.java
index ce74b26..d051458 100644
--- a/sdc-distribution-client/src/main/java/org/openecomp/sdc/impl/DistributionClientImpl.java
+++ b/sdc-distribution-client/src/main/java/org/openecomp/sdc/impl/DistributionClientImpl.java
@@ -146,7 +146,7 @@ public class DistributionClientImpl implements IDistributionClient {
 		}
 		if (errorWrapper.isEmpty()) {
 			try {
-				cambriaConsumer = new ConsumerBuilder().authenticatedBy(credential.getApiKey(), credential.getApiSecret()).knownAs(configuration.getConsumerGroup(), configuration.getConsumerID()).onTopic(notificationTopic).usingHosts(brokerServers)
+				cambriaConsumer = new ConsumerBuilder().authenticatedBy(credential.getApiKey(), credential.getApiSecret()).knownAs(configuration.getConsumerGroup(), configuration.getConsumerID()).onTopic(notificationTopic).usingHttps().usingHosts(brokerServers)
 						.withSocketTimeout(configuration.getPollingTimeout() * 1000).build();
 			} catch (MalformedURLException | GeneralSecurityException e) {
 				handleCambriaInitFailure(errorWrapper, e);
@@ -393,7 +393,7 @@ public class DistributionClientImpl implements IDistributionClient {
 	private Either<CambriaBatchingPublisher, IDistributionClientResult> getCambriaPublisher() {
 		CambriaBatchingPublisher cambriaPublisher = null;
 			try {
-				cambriaPublisher = new PublisherBuilder().onTopic(statusTopic).usingHosts(brokerServers).build();
+				cambriaPublisher = new PublisherBuilder().onTopic(statusTopic).usingHttps().usingHosts(brokerServers).build();
 				cambriaPublisher.setApiCredentials(credential.getApiKey(), credential.getApiSecret());
 			} catch (MalformedURLException | GeneralSecurityException e) {
 				Wrapper<IDistributionClientResult> errorWrapper = new Wrapper<>();
@@ -582,7 +582,7 @@ public class DistributionClientImpl implements IDistributionClient {
 	private synchronized void initCambriaClient(Wrapper<IDistributionClientResult> errorWrapper) {
 		if (cambriaIdentityManager == null) {
 			try {
-				cambriaIdentityManager = new IdentityManagerBuilder().usingHosts(brokerServers).build();
+				cambriaIdentityManager = new IdentityManagerBuilder().usingHttps().usingHosts(brokerServers).build();
 			} catch (MalformedURLException | GeneralSecurityException e) {
 				handleCambriaInitFailure(errorWrapper, e);
 			}
diff --git a/sdc-distribution-client/src/test/java/org/openecomp/sdc/impl/DistributionClientTest.java b/sdc-distribution-client/src/test/java/org/openecomp/sdc/impl/DistributionClientTest.java
index 72575a7..cf380cb 100644
--- a/sdc-distribution-client/src/test/java/org/openecomp/sdc/impl/DistributionClientTest.java
+++ b/sdc-distribution-client/src/test/java/org/openecomp/sdc/impl/DistributionClientTest.java
@@ -452,7 +452,7 @@ public class DistributionClientTest {
 	// ########### TESTS TO ADD TO CI START ###########
 	public void createKeysTestCI() throws MalformedURLException, GeneralSecurityException {
 		validateConfigurationTest();
-		CambriaIdentityManager trueCambria = new CambriaClientBuilders.IdentityManagerBuilder().usingHosts(serverList).build();
+		CambriaIdentityManager trueCambria = new CambriaClientBuilders.IdentityManagerBuilder().usingHttps().usingHosts(serverList).build();
 		client.cambriaIdentityManager = trueCambria;
 		DistributionClientResultImpl keysResult = client.createUebKeys();
 		Assert.assertEquals(DistributionActionResultEnum.SUCCESS, keysResult.getDistributionActionResult());
@@ -511,7 +511,7 @@ public class DistributionClientTest {
 	public void registerProducerCI() {
 
 		try {
-			CambriaTopicManager topicManager = new CambriaClientBuilders.TopicManagerBuilder().usingHosts(serverList).authenticatedBy("sSJc5qiBnKy2qrlc", "4ZRPzNJfEUK0sSNBvccd2m7X").build();
+			CambriaTopicManager topicManager = new CambriaClientBuilders.TopicManagerBuilder().usingHttps().usingHosts(serverList).authenticatedBy("sSJc5qiBnKy2qrlc", "4ZRPzNJfEUK0sSNBvccd2m7X").build();
 			topicManager.allowProducer("ASDC-DISTR-STATUS-TOPIC-TESTER", "1FSVAA3bRjhSKNAI");
 		} catch (HttpException | IOException | GeneralSecurityException e) {
 			// TODO Auto-generated catch block
diff --git a/sdc-tosca-parser/pom.xml b/sdc-tosca-parser/pom.xml
index 3bc6a80..199a923 100644
--- a/sdc-tosca-parser/pom.xml
+++ b/sdc-tosca-parser/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>org.openecomp.sdc.sdc-distribution-client</groupId>
 		<artifactId>sdc-main-distribution-client</artifactId>
-		<version>1.1.6-SNAPSHOT</version>
+		<version>1.1.7-SNAPSHOT</version>
 	</parent>
 
 	<artifactId>sdc-tosca-parser</artifactId>
author	Pavel Aharoni <pa0916@att.com>	2017-04-18 13:24:50 +0300
committer	Pavel Aharoni <pa0916@att.com>	2017-04-18 13:25:21 +0300
commit	b9e7afd028547fa7d000b3982f24ec32f06235db (patch)
tree	0033af0a187c3cfc1a533b9dfdc19cd5ecac8310
parent	429b875ade17cf4fbd5d6fb9a9ff8e4abe34973e (diff)