From: Ryan Young Date: Thu, 7 Jun 2018 18:54:32 +0000 (-0400) Subject: Update to new two-way certificate for AAF X-Git-Tag: 1.4.4~65 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;ds=sidebyside;h=cc3142b7f07c697167ace366887acb2836bb48ef;p=appc%2Fdeployment.git Update to new two-way certificate for AAF Change-Id: I5079eca9bb781eb5d43fd53143587f74bf257022 Signed-off-by: Ryan Young Issue-ID: APPC-985 --- diff --git a/installation/appc/pom.xml b/installation/appc/pom.xml index f82b170..bb9a0d8 100644 --- a/installation/appc/pom.xml +++ b/installation/appc/pom.xml @@ -136,6 +136,7 @@ limitations under the License. *.jks *.p12 + *keyfile false @@ -380,6 +381,7 @@ limitations under the License. *.jks *.p12 + *.keyfile false diff --git a/installation/appc/src/main/scripts/installZips.sh b/installation/appc/src/main/scripts/installZips.sh index 01045d4..ccc610c 100644 --- a/installation/appc/src/main/scripts/installZips.sh +++ b/installation/appc/src/main/scripts/installZips.sh @@ -131,6 +131,9 @@ echo "Downloading aaf-cadi-shiro from nexus" mvn -U ${mavenOpts} org.apache.maven.plugins:maven-dependency-plugin:2.9:copy -Dartifact=org.onap.aaf.authz:aaf-shiro-aafrealm-osgi-bundle:${AAF_SHIRO_VERSION} -DoutputDirectory=${targetDir}/data mv ${targetDir}/data/aaf-shiro-aafrealm-osgi-bundle-*.jar ${targetDir}/data/aaf-shiro-aafrealm-osgi-bundle.jar +echo "Setting keyfile to readonly" +chmod 400 ${targetDir}/data/stores/org.onap.appc.keyfile + echo "Downloading CDT Proxy Jar from nexus" mvn -U ${mavenOpts} org.apache.maven.plugins:maven-dependency-plugin:2.9:copy -Dartifact=org.onap.appc.cdt:cdt-proxy-service:${APPC_CDT_VERSION} -DoutputDirectory=${targetDir}/cdt-proxy-service mv ${targetDir}/cdt-proxy-service/cdt-proxy-service-*.jar ${targetDir}/cdt-proxy-service/cdt-proxy-service.jar diff --git a/installation/src/main/properties/cadi.properties b/installation/src/main/properties/cadi.properties index 9d8e0cb..ba1b253 100644 --- a/installation/src/main/properties/cadi.properties +++ b/installation/src/main/properties/cadi.properties @@ -17,38 +17,41 @@ # limitations under the License. # ============LICENSE_END========================================================= ### -hostname=localhost - -csp_devl_localhost=true - -# should this be onap.org? -basic_realm=onap.org - -basic_warn=TRUE - -cadi_loglevel=DEBUG - -aaf_taf_class=com.att.cadi.aaf.v2_0.AAFTaf -aaf_domain_support=.org - -# add location of keyfile to use encrypted password -#cadi_keyfile=/opt/appc/data/stores/appckeyfile -#cadi_keystore=etc/keystore/truststore2018.jks -#cadi_keystore_password=changeit - -AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=false - -cadi_protocols=TLSv1.1,TLSv1.2 - -# Configure AAF -aaf_url=http://10.12.5.148:8101 - -aaf_id=admin@appc.onap.org - -# to use encrypted password ensure cadi_keyfile location has been set -aaf_password=appc_admin - -aaf_timeout=5000 -aaf_clean_interval=30000 -aaf_user_expires=5000 -aaf_high_count=1000 \ No newline at end of file +#hostname=localhost + +cadi_loglevel=INFO + +############################################################ +# Properties Generated by AT&T Certificate Manager +# @copyright 2016, AT&T +############################################################ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/onap/appc/data/stores/org.onap.appc.keyfile +cadi_keystore=/opt/onap/appc/data/stores/org.onap.appc.p12 +cadi_keystore_password=enc:4DVUTKvRCCtebQrKskDsuKFIHLzOf2M9XxNOhVIK4xb +#cadi_key_password=enc: +cadi_alias=appc@appc.onap.org +cadi_truststore=/opt/onap/appc/data/stores/truststoreONAPall.jks +cadi_truststore_password=enc:O3Vtv5e77OQWJ_OiLC9Atj3ngyYfulRK519JYFmbKl7 + +## +## org.osaaf.location.props +## +## Localized Machine Information +## +# Almeda California ? +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +# Locate URL (which AAF Env) +aaf_locate_url=https://aaf-onap-beijing-test.osaaf.org + +# AAF URL +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +# AAF Environment Designation +aaf_env=DEV + +# OAuth2 Endpoints +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect \ No newline at end of file diff --git a/installation/src/main/stores/ONAPall.p12 b/installation/src/main/stores/ONAPall.p12 deleted file mode 100644 index 36121ee..0000000 Binary files a/installation/src/main/stores/ONAPall.p12 and /dev/null differ diff --git a/installation/src/main/stores/keystore.clientnew.p12 b/installation/src/main/stores/keystore.clientnew.p12 deleted file mode 100644 index 932889e..0000000 Binary files a/installation/src/main/stores/keystore.clientnew.p12 and /dev/null differ diff --git a/installation/src/main/stores/org.onap.appc.keyfile b/installation/src/main/stores/org.onap.appc.keyfile new file mode 100644 index 0000000..2bbe2aa --- /dev/null +++ b/installation/src/main/stores/org.onap.appc.keyfile @@ -0,0 +1,27 @@ +QO2Mv5stW6eqbdrGwVYa_OedojcAzSoL4YyQhK6rTFXcsidODGaLSNi8kxc9xPmHe3yHxDf6_ivv +y9gigX4Ijg0skJZIycd1f_-xL31fndnvDvx9eE4CDTVCDhieAEviYzi3MiyaHUMvLX5RXVGgKrb8 +jn4trFqzeKCntHYIwhEBEfOdTi59UjCXaH-oYC0UMaD4N0d1XxSR9xEGAUg4JqbarKmS5LeYQNro +xyOfmE-4odEIAs4PO4XKyFQAEUsXVIMhPZFQdDqRaMx5AqinKhBsgNBWAeyAIVv--VpA--adsH-4 +SlA5MCEbN7b9OrRHEsDZSQGyJdaf3Hzixh5sMIyxsI7tL0Sm1PRqyX9dhwrD1vkKZp9rBLi1FbQX +J1-oky0Luk9ulqrlgPPYH7LsIuowm3sl0cRk_A0DkUs8oVZM0yo8sYNjd9Si7qrE7uuPgszPeZgC +3AMUMVK05uTWrd4sT7uQI-1YCp24XQBjvlWmaCDbQEw6Xct1PDOKosJIdXVJlCvbkOGS_Uhhyd3g +2Yb6hoS2CPb8l41pA70zS6SmvPz3BwJKc9UKqX-UMqGTh50YeaYPUUXK_pZJTXxQwNQSXfqdMQwD +eqwAocTbAzUbXgVRfLTwAm5QEp3khvtv8Xb8xGNCQfhSHOi_qpJCXv1Fw7LSnl4lK7KWTfpBrX7w +s2HXG1OBzgJKBSMlQqOJEfHfn9Tn1XZiaGmeq0AMUURKrbgCoIyRjKhSpMBbCKcJLpa-emmAOoi0 +04l51G4Xj7xUoC_riTJbXXgJESzJ2UD0NfZFTK0shXsxca7-Tokz6XF2l6lMEpJdvyhKfANbjF_n +hlCKEjFdO6v_T8GjTdBLTd4y6QX-CzsN0o8n0DolDoA_52pSaZ4jwlKgdmAiV1vODzb_Tp9-_082 +_CbYH-er-fzlOG6SH20MiqSgv_ywtyVrro5HMIT2pKKyMK54OsGltXcQAh0Le_UfsGicsnKbmq3m +YuAXy43mbqdTk57hsVQ32L_ijj7SG1LLte99ky5-WRq1Yogzfp84MMG_EsT9qowoKSVziiicAayR +-FTbvwJzeBbsMhYiIyqcpPrsifkRQndzLb5Q-jjWjxp947kxFTXrppetqmtoHhSjU2fTMorzaKTD +gEUvzPIDnbLkoDUONjtNAOSxrd37LKmzeg_2HvpAKRTre9utwITuePVJp_EeP2zk8Q42MusUbZVa +U2ELj1ib0torx1taEF9he0tah262ugDKZ6ymsaEnglavgQ1gquAja7_HBiwZZlddJyQ0PKb7EVAH +9LWJIgS2ejjOI551X8U9UfCWiNqVjmq56ydbVQqKbEfcXuZkjOjSrwJP_rbTZizHyiWkpu-htLrj +veeUok9UjowD4dH299rfiAu-zhiAoHYu6lahoPmRdmorLJ48W5Fo9XentFDmHisZrMUdC_ZZQ4fI +QAc8s7mkmn9UJ1vU2vwfqEg92oXvAx4l5k-tYWbxcb7PSlK4MJiGYd4-QmdvYIl31vuvlQrktWRJ +nwb09CTXM9GfKil93JTG2-pPqIjJkFNGk0oXXeJ9Fqr-T0Q3ca0iLXR8tGxw3Nvu_XPpUVxghzM_ +mUGD0cD6Fj9-LWCMtS5FgnmmcFpCGOOgAJVt4rsuigH5De-TmRmiV89uLUCsZBtD7C919YaRcxRX +VvqQir2umIMWPoUfjBnYaej2P3wF2GMK6QNwyBqr77JVzlUvbn4BwGCyPodF8p5BaF06bmzT39o- +eqm5yWdQlu9ZnU532KlbQYEhqGnlUdix0_wsx3rZ9csnOicTsxDk8cm2ERXcxxzdOohLp9yRb1-K +QEdJ9FhGTZZN2MfrMwEcdZGg_Rc0cSiMjKZ6P5O29JE5yOyffgBB6nDAGJ8rqjNKjb0AEVHjKhwj +VD8cjcOQubgHx0-1PXEp8fpPVatAANm9AxhCeDSP2CLrFAWffgtz28Iq2pFrOOMbLp6G34fYYsS1 +Z1VI2JyjD7Us1_IKAsB4bY-aL-HyYmu5GiGN0yYSnUF1DoZU1MEa7snVuOJ4fDhq7cxvVS44 \ No newline at end of file diff --git a/installation/src/main/stores/org.onap.appc.p12 b/installation/src/main/stores/org.onap.appc.p12 new file mode 100644 index 0000000..f732b57 Binary files /dev/null and b/installation/src/main/stores/org.onap.appc.p12 differ diff --git a/installation/src/main/stores/truststoreONAPall.jks b/installation/src/main/stores/truststoreONAPall.jks new file mode 100644 index 0000000..2da1dcc Binary files /dev/null and b/installation/src/main/stores/truststoreONAPall.jks differ