summaryrefslogtreecommitdiffstats
path: root/vnfm-simulator
diff options
context:
space:
mode:
authorMichaelMorris <michael.morris@est.tech>2019-07-22 14:28:09 +0000
committerMichaelMorris <michael.morris@est.tech>2019-07-22 14:28:09 +0000
commitc6c0077ac3db6190d1f364360de5af17e9fcd08b (patch)
tree6c1a095523beb5f2de336bf419af48723c142f9d /vnfm-simulator
parentbbdb1c45a93194db2712d8c146e263a03737f25c (diff)
Implement TLS for calls into VNFM adapter
Issue-ID: SO-2143 Change-Id: I2fcacab7aebc9a22b952d881b0bf2404e1638b37 Signed-off-by: MichaelMorris <michael.morris@est.tech>
Diffstat (limited to 'vnfm-simulator')
-rw-r--r--vnfm-simulator/vnfm-service/src/main/java/org/onap/svnfm/simulator/services/OperationProgressor.java19
-rw-r--r--vnfm-simulator/vnfm-service/src/main/resources/so-vnfm-adapter.crt.pem30
2 files changed, 49 insertions, 0 deletions
diff --git a/vnfm-simulator/vnfm-service/src/main/java/org/onap/svnfm/simulator/services/OperationProgressor.java b/vnfm-simulator/vnfm-service/src/main/java/org/onap/svnfm/simulator/services/OperationProgressor.java
index 218cc2de03..83f079c376 100644
--- a/vnfm-simulator/vnfm-service/src/main/java/org/onap/svnfm/simulator/services/OperationProgressor.java
+++ b/vnfm-simulator/vnfm-service/src/main/java/org/onap/svnfm/simulator/services/OperationProgressor.java
@@ -1,5 +1,7 @@
package org.onap.svnfm.simulator.services;
+import java.io.IOException;
+import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
@@ -34,10 +36,13 @@ import org.onap.svnfm.simulator.model.Vnfds;
import org.onap.svnfm.simulator.repository.VnfOperationRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.core.io.ClassPathResource;
public abstract class OperationProgressor implements Runnable {
private static final Logger LOGGER = LoggerFactory.getLogger(OperationProgressor.class);
+ private static final String CERTIFICATE_TO_TRUST = "so-vnfm-adapter.crt.pem";
+
protected final VnfOperation operation;
protected final SvnfmService svnfmService;
private final VnfOperationRepository vnfOperationRepository;
@@ -61,14 +66,25 @@ public abstract class OperationProgressor implements Runnable {
String callBackUrl = subscriptionService.getSubscriptions().iterator().next().getCallbackUri();
callBackUrl = callBackUrl.substring(0, callBackUrl.indexOf("/lcn/"));
apiClient.setBasePath(callBackUrl);
+ apiClient.setSslCaCert(getCertificateToTrust());
notificationClient = new DefaultApi(apiClient);
final org.onap.so.adapters.vnfmadapter.extclients.vnfm.grant.ApiClient grantApiClient =
new org.onap.so.adapters.vnfmadapter.extclients.vnfm.grant.ApiClient();
grantApiClient.setBasePath(callBackUrl);
+ grantApiClient.setSslCaCert(getCertificateToTrust());
grantClient = new org.onap.so.adapters.vnfmadapter.extclients.vnfm.grant.api.DefaultApi(grantApiClient);
}
+ private InputStream getCertificateToTrust() {
+ try {
+ return new ClassPathResource(CERTIFICATE_TO_TRUST).getInputStream();
+ } catch (final IOException exception) {
+ LOGGER.error("Error reading certificate to trust, https calls to VNFM adapter will fail", exception);
+ return null;
+ }
+ }
+
@Override
public void run() {
try {
@@ -176,6 +192,9 @@ public abstract class OperationProgressor implements Runnable {
MediaType.APPLICATION_JSON, authHeader);
} catch (final ApiException exception) {
LOGGER.error("Error sending notification: " + notification, exception);
+ LOGGER.error("Response code: {}, body: {}, basePath: {}", exception.getCode(), exception.getResponseBody(),
+ notificationClient.getApiClient().getBasePath());
+
}
}
diff --git a/vnfm-simulator/vnfm-service/src/main/resources/so-vnfm-adapter.crt.pem b/vnfm-simulator/vnfm-service/src/main/resources/so-vnfm-adapter.crt.pem
new file mode 100644
index 0000000000..3c899e3bf5
--- /dev/null
+++ b/vnfm-simulator/vnfm-service/src/main/resources/so-vnfm-adapter.crt.pem
@@ -0,0 +1,30 @@
+Bag Attributes
+ friendlyName: so@so.onap.org
+ localKeyID: 54 69 6D 65 20 31 35 36 33 34 36 33 36 32 39 35 38 33
+subject=/CN=so-vnfm-adapter/emailAddress=/OU=so@so.onap.org/OU=OSAAF/O=ONAP/C=US
+issuer=/C=US/O=ONAP/OU=OSAAF/CN=intermediateCA_9
+-----BEGIN CERTIFICATE-----
+MIIEITCCAwmgAwIBAgIILuAnLLineoYwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
+BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
+bnRlcm1lZGlhdGVDQV85MB4XDTE5MDcxODE1MjcwOVoXDTIwMDcxODE1MjcwOVow
+cDEYMBYGA1UEAwwPc28tdm5mbS1hZGFwdGVyMQ8wDQYJKoZIhvcNAQkBFgAxFzAV
+BgNVBAsMDnNvQHNvLm9uYXAub3JnMQ4wDAYDVQQLDAVPU0FBRjENMAsGA1UECgwE
+T05BUDELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCu2NbWjFiZ5Tz5P7daCD6mqJqSWV3f+gkM2VC/UYM/43hd/2ILJbbtsv4uzS/P
+GXl3UIKBjb7zRiDCvLNMFsHCZ9/gIonG1z737S42LCrdVKq/KQ59yIOPrxYmLyiQ
+Xy81ChX77b2KvKPPeF+K/wnh5fLwlcJ18geeCoWGaMK0C/i6J/uUb9z+Ef0Nmtau
+NdXAuUnERCKMra+3kFxZwaRC/gSCy+/s6EQdeaGNiijg03AmrUx9XjrJjHbYMDVo
+OKSxtv0E4fxbfmTpHaKCuN4eg+0nEXw/eiIEuSHJuh3KKv7wRoP/hG/Tdog7x60M
+SD+hdNjCbFP6yAyMPfoxVnjHAgMBAAGjgecwgeQwCQYDVR0TBAIwADAOBgNVHQ8B
+Af8EBAMCBeAwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFQGA1Ud
+IwRNMEuAFIH3mVsQuciM3vNSXupOaaBDPqzdoTCkLjAsMQ4wDAYDVQQLDAVPU0FB
+RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVOCAQcwHQYDVR0OBBYEFFLrO3T4
+QybeDQ28mHgC/xT5f03qMDAGA1UdEQQpMCeCD3NvLXZuZm0tYWRhcHRlcoIUc28t
+dm5mbS1hZGFwdGVyLm9uYXAwDQYJKoZIhvcNAQELBQADggEBACe+JaVIjTku/QNp
+XoQCNN+sllSZmEHTLmYfpSzY5BY2AeJsgTYqFtAhtp6uQf8Jr993CyEyeJ4if2Z9
+J5NWoJKmY1+a63UphB1mg4sNSCuDxvbxPjtrFkOx/DiB1XEUdoifS9IQSDIIuhaD
+YP6sih1TBOh/2ityCe51Mu1J9/wgb24rlYouVtEyQeIai4dqngFHeQHeNXOnGN0z
+osEcKSYa0C+ZOAomBMT58C2aDz9vyI8YPuzwVSDKndmXUgvrkkVnxk3qJRtghDQc
+RV+4SeZg8s4+5DxKL4AL15IAaAPMJHi+MRtfm7qNzqCEl5sAEzO7S4oVHeWLNFV8
+a9PHErg=
+-----END CERTIFICATE-----