diff options
| author |   priyanshu <pagarwal@amdocs.com> | 2019-03-14 21:18:06 +0530 |
|---|---|---|
| committer | priyanshu <pagarwal@amdocs.com> | 2019-03-15 11:12:21 +0530 |
| commit | 91d1f6c223464dbc62fbca330110c7c46ac2028e (patch) | |
| tree | 4e3196e75c75b71aab9f921764a9dd5658b451f9 /README.md | |
| parent | ee0b26c61e4eb9251fb3a2fcc31fb276dcae7865 (diff) | |
Secure cassandra support on WF BE
1. Added support for secure cassandra on WF BE.
2. By default the SSL is not enabled.
3. updated ReadMe.
Change-Id: I2ddb5ebf091fd70c9693e7cc325fb44d03949dd6
Issue-ID: SDC-2194
Signed-off-by: priyanshu <pagarwal@amdocs.com>
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 22 |
1 files changed, 16 insertions, 6 deletions
@@ -98,8 +98,11 @@ messages. You can also see the logs of the initialization container using `docke `docker run -d -e SDC_PROTOCL=http/https -e SDC_ENDPOINT=<sdc-host>:<sdc-port> -e SDC_USER=<sdc-username> -e SDC_PASSWORD=<sdc-password> -e CS_HOSTS=<cassandra-hosts> -e CS_PORT=<cassandra-port> -e CS_AUTHENTICATE=true/false -e CS_USER=<cassandra-user> -e CS_PASSWORD=<cassandra-password> --e SSL_ENABLED=true/false -e SSL_KEY_PASSWORD=<ssl_key_password> -e SSL_KEYSTORE_PATH=<ssl_keystore_path> --e SSL_KEYSTORE_TYPE=<ssl_keystore_type> -e JAVA_OPTIONS=<jvm-options> nexus3.onap.org:10001/onap/workflow-backend:latest` +-e CS_SSL_ENABLED=true/false --volume <cassandra-truststore-path_container>:<cassandra-truststore-path_local> +-e CS_TRUST_STORE_PATH=<cassandra-truststore-path_container> -e CS_TRUST_STORE_PASSWORD=<cassandra-truststore-password> +-e SERVER_SSL_ENABLED=true/false -e SERVER_SSL_KEY_PASSWORD=<ssl_key_password> +-e SERVER_SSL_KEYSTORE_PATH=<ssl_keystore_path> -e SERVER_SSL_KEYSTORE_TYPE=<ssl_keystore_type> +-e JAVA_OPTIONS=<jvm-options> nexus3.onap.org:10001/onap/workflow-backend:latest` ### Environment Variables @@ -123,14 +126,21 @@ assumed if this variable is not specified. - CS_PASSWORD — Cassandra password if CS_AUTHENTICATE is *true*. -- SSL_ENABLED — whether ssl authentication must be used to connect to application. A *false* will be +- CS_SSL_ENABLED — whether ssl authentication must be used to connect to Cassandra. A *false* will be assumed if this variable is not specified. -- SSL_KEY_PASSWORD — SSL key password if SSL_ENABLED is *true*. +- CS_TRUST_STORE_PATH — Cassandra Truststore path if CS_SSL_ENABLED is *true*. -- SSL_KEYSTORE_PATH — SSL Keystore path if SSL_ENABLED is *true*. +- CS_TRUST_STORE_PASSWORD — Cassandra Truststore password if CS_SSL_ENABLED is *true*. -- SSL_KEYSTORE_TYPE — SSL Keystore type if SSL_ENABLED is *true*. +- SERVER_SSL_ENABLED — whether ssl authentication must be used to connect to application. A *false* will be +assumed if this variable is not specified. + +- SERVER_SSL_KEY_PASSWORD — SSL key password if SERVER_SSL_ENABLED is *true*. + +- SERVER_SSL_KEYSTORE_PATH — SSL Keystore path if SERVER_SSL_ENABLED is *true*. + +- SERVER_SSL_KEYSTORE_TYPE — SSL Keystore type if SERVER_SSL_ENABLED is *true*. - JAVA_OPTIONS — optionally, JVM (Java Virtual Machine) arguments. |