From e69e424aa205dce56cebda5babce30fe260b10f8 Mon Sep 17 00:00:00 2001
From: "r.bogacki" <r.bogacki@samsung.com>
Date: Tue, 1 Oct 2019 08:58:51 +0200
Subject: Enabled HTTPS for sdc-workflow-designer

-Enabled HTTPS for frontend and backend
-Updated paths and passwords for a certificates

Issue-ID: SDC-2479
Signed-off-by: Robert Bogacki <r.bogacki@samsung.com>
Change-Id: Ibccdae478c047aac1a69192e3c257ea31dc39cac
---
 workflow-designer-ui/docker/Dockerfile             |   6 ++++--
 workflow-designer-ui/docker/org.onap.sdc.p12       | Bin 0 -> 4459 bytes
 workflow-designer-ui/docker/org.onap.sdc.trust.jks | Bin 0 -> 1413 bytes
 workflow-designer-ui/docker/startup.sh             |  10 +++++++---
 4 files changed, 11 insertions(+), 5 deletions(-)
 create mode 100644 workflow-designer-ui/docker/org.onap.sdc.p12
 create mode 100644 workflow-designer-ui/docker/org.onap.sdc.trust.jks

(limited to 'workflow-designer-ui/docker')

diff --git a/workflow-designer-ui/docker/Dockerfile b/workflow-designer-ui/docker/Dockerfile
index 83e8d5ac..2a0ef24c 100644
--- a/workflow-designer-ui/docker/Dockerfile
+++ b/workflow-designer-ui/docker/Dockerfile
@@ -7,10 +7,12 @@ USER root
 
 ARG ARTIFACT
 
+COPY org.onap.sdc.p12 org.onap.sdc.trust.jks /etc/sdc-cert/
+
 ADD ${ARTIFACT} ${JETTY_BASE}/webapps/
-RUN chown -R jetty:jetty ${JETTY_BASE}/webapps
+RUN chown -R jetty:jetty ${JETTY_BASE}/webapps /etc/sdc-cert
 
 COPY startup.sh .
 RUN chmod 744 startup.sh
 
-ENTRYPOINT [ "./startup.sh" ]
\ No newline at end of file
+ENTRYPOINT [ "./startup.sh" ]
diff --git a/workflow-designer-ui/docker/org.onap.sdc.p12 b/workflow-designer-ui/docker/org.onap.sdc.p12
new file mode 100644
index 00000000..d03ca1c9
Binary files /dev/null and b/workflow-designer-ui/docker/org.onap.sdc.p12 differ
diff --git a/workflow-designer-ui/docker/org.onap.sdc.trust.jks b/workflow-designer-ui/docker/org.onap.sdc.trust.jks
new file mode 100644
index 00000000..d07ce1a6
Binary files /dev/null and b/workflow-designer-ui/docker/org.onap.sdc.trust.jks differ
diff --git a/workflow-designer-ui/docker/startup.sh b/workflow-designer-ui/docker/startup.sh
index 359e6aca..431a0cda 100644
--- a/workflow-designer-ui/docker/startup.sh
+++ b/workflow-designer-ui/docker/startup.sh
@@ -7,12 +7,16 @@ if [ "$HTTPS_ENABLED" = "true" ]
 then
     echo "enable ssl"
     if [ -z "$KEYSTORE_PATH" ]; then
+
+        keystore_pass="!ppJ.JvWn0hGh)oVF]([Kv)^"
+        truststore_pass="].][xgtze]hBhz*wy]}m#lf*"
+
         java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl \
             jetty.sslContext.keyStorePath=$KEYSTORE_PATH \
-            jetty.sslContext.keyStorePassword=$KEYSTORE_PASSWORD \
+            jetty.sslContext.keyStorePassword=${KEYSTORE_PASS:-$keystore_pass} \
             jetty.sslContext.keyStoreType=$KEYSTORE_TYPE \
             jetty.sslContext.trustStorePath=$TRUSTSTORE_PATH \
-            jetty.sslContext.trustStorePassword=$TRUSTSTORE_PASSWORD \
+            jetty.sslContext.trustStorePassword=${TRUSTSTORE_PASS:-$truststore_pass} \
             jetty.sslContext.trustStoreType=$TRUSTSTORE_TYPE \
      else
          echo "Using jetty default SSL"
@@ -22,4 +26,4 @@ else
     echo "no ssl required"
 fi
 
-java -DproxyTo=$BACKEND $JAVA_OPTIONS -jar $JETTY_HOME/start.jar
\ No newline at end of file
+java -DproxyTo=$BACKEND $JAVA_OPTIONS -jar $JETTY_HOME/start.jar
-- 
cgit 1.2.3-korg