Changes for backend to support SSL

Changes to support starting in https mode and changes to support making a secured call to the SDC backend
(cherry picked from commit 820f4ec65a28ed822d4205b05ac6fbbd910a46cc)

Issue-ID: SDC-2405

Change-Id: I0588484fdcb0903934814906672f4fc9a76eca2c
Signed-off-by: ilanap <ilanap@amdocs.com>

4 files changed, 20 insertions, 16 deletions

diff --git a/workflow-designer-ui/docker/Dockerfile b/workflow-designer-ui/docker/Dockerfile
index 83e8d5ac..52562374 100644
--- a/workflow-designer-ui/docker/Dockerfile
+++ b/workflow-designer-ui/docker/Dockerfile
@@ -7,10 +7,12 @@ USER root
 
 ARG ARTIFACT
 
+COPY org.onap.sdc.p12 org.onap.sdc.trust.jks ${JETTY_BASE}/etc/
+
 ADD ${ARTIFACT} ${JETTY_BASE}/webapps/
-RUN chown -R jetty:jetty ${JETTY_BASE}/webapps
+RUN chown -R jetty:jetty ${JETTY_BASE}/webapps ${JETTY_BASE}/etc/
 
 COPY startup.sh .
 RUN chmod 744 startup.sh
 
-ENTRYPOINT [ "./startup.sh" ]
\ No newline at end of file
+ENTRYPOINT [ "./startup.sh" ]
diff --git a/workflow-designer-ui/docker/org.onap.sdc.p12 b/workflow-designer-ui/docker/org.onap.sdc.p12
new file mode 100644
index 00000000..d03ca1c9
--- /dev/null
+++ b/workflow-designer-ui/docker/org.onap.sdc.p12
diff --git a/workflow-designer-ui/docker/org.onap.sdc.trust.jks b/workflow-designer-ui/docker/org.onap.sdc.trust.jks
new file mode 100644
index 00000000..d07ce1a6
--- /dev/null
+++ b/workflow-designer-ui/docker/org.onap.sdc.trust.jks
diff --git a/workflow-designer-ui/docker/startup.sh b/workflow-designer-ui/docker/startup.sh
index 359e6aca..b2f2d516 100644
--- a/workflow-designer-ui/docker/startup.sh
+++ b/workflow-designer-ui/docker/startup.sh
@@ -2,24 +2,26 @@
 
 # adding support for https
 HTTPS_ENABLED=${IS_HTTPS:-"false"}
-
+CLIENT_AUTH=${IS_CLIENT_AUTH:-"false"}
 if [ "$HTTPS_ENABLED" = "true" ]
 then
     echo "enable ssl"
-    if [ -z "$KEYSTORE_PATH" ]; then
-        java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl \
-            jetty.sslContext.keyStorePath=$KEYSTORE_PATH \
-            jetty.sslContext.keyStorePassword=$KEYSTORE_PASSWORD \
-            jetty.sslContext.keyStoreType=$KEYSTORE_TYPE \
-            jetty.sslContext.trustStorePath=$TRUSTSTORE_PATH \
-            jetty.sslContext.trustStorePassword=$TRUSTSTORE_PASSWORD \
-            jetty.sslContext.trustStoreType=$TRUSTSTORE_TYPE \
-     else
-         echo "Using jetty default SSL"
-         java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl
-     fi
+
+    java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl \
+        jetty.sslContext.keyStorePath=$KEYSTORE_PATH \
+        jetty.sslContext.keyStorePassword=$KEYSTORE_PASS \
+	    jetty.sslContext.keyManagerPassword=$KEYSTORE_PASS \
+        jetty.sslContext.trustStorePath=$TRUSTSTORE_PATH \
+        jetty.sslContext.trustStorePassword=$TRUSTSTORE_PASS
+
+    echo "setting SSL environment variable"
+
+    SSL_JAVA_OPTS=" -DkeystorePath=$JETTY_BASE/$KEYSTORE_PATH -DkeystorePassword=$KEYSTORE_PASS -DkeyManagerPassword=$KEYSTORE_PASS -DtruststorePath=$JETTY_BASE/$KEYSTORE_PATH -DtruststorePassword=$TRUSTSTORE_PASS -DsslTrustAll=$TRUST_ALL"
+
+    echo $SSL_JAVA_OPTS
+
 else
     echo "no ssl required"
 fi
+java $JAVA_OPTIONS -DproxyTo=$BACKEND $SSL_JAVA_OPTS -jar $JETTY_HOME/start.jar
 
-java -DproxyTo=$BACKEND $JAVA_OPTIONS -jar $JETTY_HOME/start.jar
\ No newline at end of file