From: efiacor Date: Mon, 8 May 2023 15:58:03 +0000 (+0100) Subject: [SDC-BE] Update kafka ssl config X-Git-Tag: 1.13.0~37 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=3bc3a5c724e9a6ea8a112dca72a9a3128eddca19;p=sdc.git [SDC-BE] Update kafka ssl config Signed-off-by: efiacor Change-Id: Id5c7aa72a1714fca9cfbdf4462a9faf9fd9bff88 Issue-ID: SDC-4476 --- diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/components/kafka/KafkaCommonConfig.java b/catalog-be/src/main/java/org/openecomp/sdc/be/components/kafka/KafkaCommonConfig.java index 06c36e4add..bf65c52874 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/components/kafka/KafkaCommonConfig.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/components/kafka/KafkaCommonConfig.java @@ -68,9 +68,13 @@ public class KafkaCommonConfig { props.put(CommonClientConfigs.BOOTSTRAP_SERVERS_CONFIG, deConfiguration.getKafkaBootStrapServers()); if("SSL".equals(securityProtocolConfig)) { - log.error("Kafka over SSL has not been implemented yet"); - } - else{ + props.put(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG, deConfiguration.getSSLConfig().getKeystorePath()); + props.put(SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG, deConfiguration.getSSLConfig().getKeystorePass()); + props.put(SslConfigs.SSL_KEY_PASSWORD_CONFIG, deConfiguration.getSSLConfig().getKeyManagerPassword()); + props.put(SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG, ""); + props.put(SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG, deConfiguration.getSSLConfig().getTruststorePath()); + props.put(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG, deConfiguration.getSSLConfig().getTruststorePass()); + } else { props.put(SaslConfigs.SASL_JAAS_CONFIG, getKafkaSaslJaasConfig()); props.put(SaslConfigs.SASL_MECHANISM, "SCRAM-SHA-512"); } diff --git a/common-app-api/src/main/java/org/openecomp/sdc/be/config/DistributionEngineConfiguration.java b/common-app-api/src/main/java/org/openecomp/sdc/be/config/DistributionEngineConfiguration.java index 205588adab..b56708efb9 100644 --- a/common-app-api/src/main/java/org/openecomp/sdc/be/config/DistributionEngineConfiguration.java +++ b/common-app-api/src/main/java/org/openecomp/sdc/be/config/DistributionEngineConfiguration.java @@ -24,6 +24,7 @@ import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; +import org.onap.config.api.JettySSLUtils; import org.openecomp.sdc.common.api.BasicConfiguration; import org.openecomp.sdc.common.http.config.ExternalServiceConfig; @@ -459,4 +460,8 @@ public class DistributionEngineConfiguration extends BasicConfiguration { return "ArtifactTypesConfig [info=" + info + ", lifecycle=" + lifecycle + "]"; } } + + public JettySSLUtils.JettySslConfig getSSLConfig() { + return JettySSLUtils.getSSLConfig(); + } } diff --git a/common-app-api/src/test/java/org/openecomp/sdc/be/config/DistributionEngineConfigurationTest.java b/common-app-api/src/test/java/org/openecomp/sdc/be/config/DistributionEngineConfigurationTest.java index cd6705dfdf..8a33c3eb40 100644 --- a/common-app-api/src/test/java/org/openecomp/sdc/be/config/DistributionEngineConfigurationTest.java +++ b/common-app-api/src/test/java/org/openecomp/sdc/be/config/DistributionEngineConfigurationTest.java @@ -41,7 +41,7 @@ public class DistributionEngineConfigurationTest { public void validateBean() { assertThat(DistributionEngineConfiguration.class, allOf( hasValidBeanConstructor(), - hasValidGettersAndSettersExcluding("environments") + hasValidGettersAndSettersExcluding("environments", "SSLConfig") )); }