From fab6ab37a74f579337424fd6d83b0aaa3ea7a474 Mon Sep 17 00:00:00 2001
From: Kanagaraj Manickam <mkr1481@gmail.com>
Date: Fri, 21 Feb 2020 17:48:03 +0530
Subject: [PATCH] Enable HTTPS for CLI portal

Issue-ID: CLI-246

Change-Id: I7038c724c595608b1fe1714a3e05029c1c0ed1e7
Signed-off-by: Kanagaraj Manickam k00365106 <kanagaraj.manickam@huawei.com>
---
 deployment/docker/src/main/docker/Dockerfile | 3 ++-
 deployment/http/lighttpd/lighttpd.conf       | 4 +++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/deployment/docker/src/main/docker/Dockerfile b/deployment/docker/src/main/docker/Dockerfile
index 44ae2efc..d66919ad 100644
--- a/deployment/docker/src/main/docker/Dockerfile
+++ b/deployment/docker/src/main/docker/Dockerfile
@@ -49,7 +49,8 @@ RUN apt-get update && apt-get install -y lighttpd git curl pandoc vim && \
     cp $OPEN_CLI_HOME/http/lighttpd/10-proxy.conf /etc/lighttpd/conf-enabled/ && \
     cp $OPEN_CLI_HOME/installer/cli-*.zip /var/www-data/servers/open-cli/oclip.zip && \
     cp $OPEN_CLI_HOME/http/web/ocomp.crt ~/.gotty.crt && \
-    cp $OPEN_CLI_HOME/http/web/ocomp.key ~/.gotty.key
+    cp $OPEN_CLI_HOME/http/web/ocomp.key ~/.gotty.key && \
+    cat $OPEN_CLI_HOME/http/web/ocomp.key $OPEN_CLI_HOME/http/web/ocomp.crt > /etc/lighttpd/ocomp.pem
     #openssl req -x509 -nodes -days 9999 -newkey rsa:2048 -keyout ~/.ocomp.key -out ~/.ocomp.crt -subj "/C=IN/ST=KA/L=BLR/O=CLI/CN=onap"
 EXPOSE 80
 EXPOSE 8080
diff --git a/deployment/http/lighttpd/lighttpd.conf b/deployment/http/lighttpd/lighttpd.conf
index ce904de5..32baf8af 100644
--- a/deployment/http/lighttpd/lighttpd.conf
+++ b/deployment/http/lighttpd/lighttpd.conf
@@ -16,6 +16,8 @@ server.document-root = "/var/www-data/servers/open-cli/"
 server.username             = "www-data"
 server.groupname            = "www-data"
 server.port                 = 80
+ssl.engine                  = "enable"
+ssl.pemfile                 = "/etc/lighttpd/ocomp.pem"
 
 mimetype.assign = (
   ".html" => "text/html",
@@ -47,4 +49,4 @@ server.pid-file             = "/var/run/lighttpd.pid"
 ## Use ipv6 if available
 #include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
 #include_shell "/usr/share/lighttpd/create-mime.assign.pl"
-#include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
\ No newline at end of file
+#include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
-- 
2.16.6