exit 1
fi
+if [ -z "$KEY_STORE_PASSWORD" ]; then
+ echo "KEY_STORE_PASSWORD must be set in order to start up process"
+ exit 1
+else
+ ## Extract java jar to DEOBFUSCATE the password.
+ CURR_D=`pwd`
+ cd $BASEDIR
+ jar xf data-router.jar
+ sudo java -cp ./BOOT-INF/lib/jetty-util-9.4.8.v20171121.jar org.eclipse.jetty.util.security.Password $KEY_STORE_PASSWORD > pass.txt 2>> pass.txt
+ PASS=`sed "2q;d" pass.txt`
+ sudo rm pass.txt
+ cd $CURR_D
+fi
+
+## tomcat_keystore to p12
+keytool -importkeystore -noprompt -deststorepass $PASS -destkeypass $PASS -srckeystore $BASEDIR/config/auth/tomcat_keystore -destkeystore $BASEDIR/config/auth/onap.p12 -deststoretype PKCS12 -srcstorepass $PASS
+
+## import into cacerts
+sudo keytool -importkeystore -noprompt -deststorepass changeit -destkeypass changeit -destkeystore /$JAVA_HOME/jre/lib/security/cacerts -srckeystore $BASEDIR/config/auth/onap.p12 -srcstoretype PKCS12 -srcstorepass $PASS -alias tomcat
+
PROPS="-DAJSC_HOME=$AJSC_HOME"
PROPS="$PROPS -DAJSC_CONF_HOME=$AJSC_CONF_HOME"
COPY bundleconfig-local $MICRO_HOME/bundleconfig
COPY bundleconfig-local/etc/logback.xml $MICRO_HOME/bundleconfig/etc
-# Create the aai user
-RUN mkdir /opt/aaihome && \
- groupadd -g 492381 aaiadmin && \
- useradd -r -u 341790 -g 492381 -ms /bin/bash -d /opt/aaihome/aaiadmin aaiadmin && \
- chown -R aaiadmin:aaiadmin $MICRO_HOME
-USER aaiadmin
EXPOSE 9502 9502
server.ssl.enabled=true
server.port=9502
-server.ssl.client-auth=want
-
+server.ssl.client-auth=need
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-
-#server.ssl.trust-store=C:\\ONAP\\spring\\data-router\\dynamic\\auth\\tomcat_keystore
-#server.ssl.trust-store-password=onapSecret
-#server.ssl.client-auth=want
-server.ssl.key-store-type=JKS
\ No newline at end of file
Code Review / aai / data-router.git / commitdiff