Code Review / oom.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
[AAI][SCHEMA] Remove Hardcoded certificates
[oom.git] / kubernetes / aai / components / aai-schema-service / config / application.properties
diff --git a/kubernetes/aai/components/aai-schema-service/config/application.properties b/kubernetes/aai/components/aai-schema-service/config/application.properties
index a639c41..a3f7998 100644 (file)
--- a/kubernetes/aai/components/aai-schema-service/config/application.properties
+++ b/kubernetes/aai/components/aai-schema-service/config/application.properties
@@ -1,3 +1,4 @@
+{{/*
 # Copyright © 2018 Amdocs, Bell Canada, AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -13,6 +14,7 @@
 # limitations under the License.
 
 # The following info parameters are being referenced by ajsc6
+*/}}
 info.build.artifact=aai-schema-service
 info.build.name=schema-service
 info.build.description=Schema Service Microservice
@@ -35,13 +37,18 @@ server.local.startpath=aai-schema-service/src/main/resources/
 server.basic.auth.location=${server.local.startpath}/etc/auth/realm.properties
 
 server.port=8452
+{{ if ( include "common.needTLS" .) }}
 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
-server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
-server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
-server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+server.ssl.key-store-password=${KEYSTORE_PASSWORD}
+server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+server.ssl.trust-store-password=${TRUSTSTORE_PASSWORD}
 server.ssl.client-auth=want
-server.ssl.key-store-type=JKS
+server.ssl.key-store-type=PKCS12
+{{ else }}
+security.require-ssl=false
+server.ssl.enabled=false
+{{ end }}
 
 schema.configuration.location=N/A
 schema.source.name={{ .Values.global.config.schema.source.name }}
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).