3 # ============LICENSE_START=======================================================
4 # Copyright (C) 2020 Nordix Foundation.
5 # ================================================================================
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
10 # http://www.apache.org/licenses/LICENSE-2.0
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
18 # SPDX-License-Identifier: Apache-2.0
19 # ============LICENSE_END=========================================================
24 [ "${SHELL_XTRACE:-false}" = "true" ] && set -o xtrace
26 CONFIG=${CONFIG:-"${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/cert-data}
27 CONTAINER_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' sdnc)
28 ODL_URL=${ODL_URL:-http://"${CONTAINER_IP}":8282}
30 PROC_NAME=${PROC_NAME%.sh}
33 # Requires coreutils package
34 date +"%Y-%m-%d %H:%M:%S.%3N"
41 printf "%s %-5s [%s] %s\n" "$(now_ms)" $level $PROC_NAME "$message"
44 # Extracts the body of a PEM file by removing the dashed header and footer
49 CA_CERT_ID=xNF_CA_certificate_0_0
50 CA_CERT=$(pem_body $CONFIG/truststore.pem)
52 SERVER_PRIV_KEY_ID=ODL_private_key_0
53 SERVER_KEY=$(pem_body $CONFIG/key.pem)
54 SERVER_CERT=$(pem_body $CONFIG/keystore.pem)
56 RESTCONF_URL=$ODL_URL/restconf
57 NETCONF_KEYSTORE_PATH=$RESTCONF_URL/config/netconf-keystore:keystore
60 curl -s -o /dev/null -H "Authorization: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==" -w %{http_code} "$@"
63 log INFO Delete Keystore
64 sc=$(xcurl -X DELETE $NETCONF_KEYSTORE_PATH)
66 if [ "$sc" != "200" -a "$sc" != "404" ]; then
67 log ERROR "Keystore deletion failed with SC=$sc"
71 log INFO Load CA certificate
72 sc=$(xcurl -X POST $NETCONF_KEYSTORE_PATH --header "Content-Type: application/json" --data "
74 \"trusted-certificate\": [
76 \"name\": \"$CA_CERT_ID\",
77 \"certificate\": \"$CA_CERT\"
83 if [ "$sc" != "200" -a "$sc" != "204" ]; then
84 log ERROR Trusted-certificate update failed with SC=$sc
88 log INFO Load server private key and certificate
89 sc=$(xcurl -X POST $NETCONF_KEYSTORE_PATH --header "Content-Type: application/json" --data "
92 \"name\": \"$SERVER_PRIV_KEY_ID\",
93 \"certificate-chain\": [
96 \"data\": \"$SERVER_KEY\"
101 if [ "$sc" != "200" -a "$sc" != "204" ]; then
102 log ERROR Private-key update failed with SC=$sc