diff options
author | 2019-11-18 13:38:23 +0200 | |
---|---|---|
committer | 2019-12-18 15:17:23 +0200 | |
commit | 75d642902350562a790cf034ea92568ba5d52168 (patch) | |
tree | e09e53fd5f26403563665d2984cadfc1d365d5bc /workflow-designer-ui/docker | |
parent | ecdc9e7f3c2949b07e7de24c1f065af483f6b347 (diff) |
Changes for backend to support SSL
Changes to support starting in https mode and changes to support making a secured call to the SDC backend
(cherry picked from commit 820f4ec65a28ed822d4205b05ac6fbbd910a46cc)
Issue-ID: SDC-2405
Change-Id: I0588484fdcb0903934814906672f4fc9a76eca2c
Signed-off-by: ilanap <ilanap@amdocs.com>
Diffstat (limited to 'workflow-designer-ui/docker')
-rw-r--r-- | workflow-designer-ui/docker/Dockerfile | 6 | ||||
-rw-r--r-- | workflow-designer-ui/docker/org.onap.sdc.p12 | bin | 0 -> 4459 bytes | |||
-rw-r--r-- | workflow-designer-ui/docker/org.onap.sdc.trust.jks | bin | 0 -> 1413 bytes | |||
-rw-r--r-- | workflow-designer-ui/docker/startup.sh | 30 |
4 files changed, 20 insertions, 16 deletions
diff --git a/workflow-designer-ui/docker/Dockerfile b/workflow-designer-ui/docker/Dockerfile index 83e8d5ac..52562374 100644 --- a/workflow-designer-ui/docker/Dockerfile +++ b/workflow-designer-ui/docker/Dockerfile @@ -7,10 +7,12 @@ USER root ARG ARTIFACT +COPY org.onap.sdc.p12 org.onap.sdc.trust.jks ${JETTY_BASE}/etc/ + ADD ${ARTIFACT} ${JETTY_BASE}/webapps/ -RUN chown -R jetty:jetty ${JETTY_BASE}/webapps +RUN chown -R jetty:jetty ${JETTY_BASE}/webapps ${JETTY_BASE}/etc/ COPY startup.sh . RUN chmod 744 startup.sh -ENTRYPOINT [ "./startup.sh" ]
\ No newline at end of file +ENTRYPOINT [ "./startup.sh" ] diff --git a/workflow-designer-ui/docker/org.onap.sdc.p12 b/workflow-designer-ui/docker/org.onap.sdc.p12 Binary files differnew file mode 100644 index 00000000..d03ca1c9 --- /dev/null +++ b/workflow-designer-ui/docker/org.onap.sdc.p12 diff --git a/workflow-designer-ui/docker/org.onap.sdc.trust.jks b/workflow-designer-ui/docker/org.onap.sdc.trust.jks Binary files differnew file mode 100644 index 00000000..d07ce1a6 --- /dev/null +++ b/workflow-designer-ui/docker/org.onap.sdc.trust.jks diff --git a/workflow-designer-ui/docker/startup.sh b/workflow-designer-ui/docker/startup.sh index 359e6aca..b2f2d516 100644 --- a/workflow-designer-ui/docker/startup.sh +++ b/workflow-designer-ui/docker/startup.sh @@ -2,24 +2,26 @@ # adding support for https HTTPS_ENABLED=${IS_HTTPS:-"false"} - +CLIENT_AUTH=${IS_CLIENT_AUTH:-"false"} if [ "$HTTPS_ENABLED" = "true" ] then echo "enable ssl" - if [ -z "$KEYSTORE_PATH" ]; then - java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl \ - jetty.sslContext.keyStorePath=$KEYSTORE_PATH \ - jetty.sslContext.keyStorePassword=$KEYSTORE_PASSWORD \ - jetty.sslContext.keyStoreType=$KEYSTORE_TYPE \ - jetty.sslContext.trustStorePath=$TRUSTSTORE_PATH \ - jetty.sslContext.trustStorePassword=$TRUSTSTORE_PASSWORD \ - jetty.sslContext.trustStoreType=$TRUSTSTORE_TYPE \ - else - echo "Using jetty default SSL" - java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl - fi + + java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl \ + jetty.sslContext.keyStorePath=$KEYSTORE_PATH \ + jetty.sslContext.keyStorePassword=$KEYSTORE_PASS \ + jetty.sslContext.keyManagerPassword=$KEYSTORE_PASS \ + jetty.sslContext.trustStorePath=$TRUSTSTORE_PATH \ + jetty.sslContext.trustStorePassword=$TRUSTSTORE_PASS + + echo "setting SSL environment variable" + + SSL_JAVA_OPTS=" -DkeystorePath=$JETTY_BASE/$KEYSTORE_PATH -DkeystorePassword=$KEYSTORE_PASS -DkeyManagerPassword=$KEYSTORE_PASS -DtruststorePath=$JETTY_BASE/$KEYSTORE_PATH -DtruststorePassword=$TRUSTSTORE_PASS -DsslTrustAll=$TRUST_ALL" + + echo $SSL_JAVA_OPTS + else echo "no ssl required" fi +java $JAVA_OPTIONS -DproxyTo=$BACKEND $SSL_JAVA_OPTS -jar $JETTY_HOME/start.jar -java -DproxyTo=$BACKEND $JAVA_OPTIONS -jar $JETTY_HOME/start.jar
\ No newline at end of file |