Update to new two-way certificate for AAF

author Ryan Young <ry303t@att.com>

Thu, 7 Jun 2018 18:54:32 +0000 (14:54 -0400)

committer Ryan Young <ry303t@att.com>

Thu, 7 Jun 2018 18:56:01 +0000 (14:56 -0400)
author Ryan Young <ry303t@att.com>
Thu, 7 Jun 2018 18:54:32 +0000 (14:54 -0400)
committer Ryan Young <ry303t@att.com>
Thu, 7 Jun 2018 18:56:01 +0000 (14:56 -0400)
diff --git a/installation/appc/pom.xml b/installation/appc/pom.xml

index f82b170..bb9a0d8 100644 (file)
--- a/installation/appc/pom.xml
+++ b/installation/appc/pom.xml
@@ -136,6 +136,7 @@ limitations under the License.
                                                                         <includes>
                                                                                 <include>*.jks</include>
                                                                                 <include>*.p12</include>
+                                                                               <include>*keyfile</include>
                                                                         </includes>
                                                                         <filtering>false</filtering>
                                                                 </resource>
@@ -380,6 +381,7 @@ limitations under the License.
                                                                                         <includes>
                                                                                                 <include>*.jks</include>
                                                                                                 <include>*.p12</include>
+                                                                                               <include>*.keyfile</include>
                                                                                         </includes>
                                                                                         <filtering>false</filtering>
                                                                                 </resource>
diff --git a/installation/appc/src/main/scripts/installZips.sh b/installation/appc/src/main/scripts/installZips.sh

index 01045d4..ccc610c 100644 (file)
--- a/installation/appc/src/main/scripts/installZips.sh
+++ b/installation/appc/src/main/scripts/installZips.sh
@@ -131,6 +131,9 @@ echo "Downloading aaf-cadi-shiro from nexus"
  mvn -U ${mavenOpts} org.apache.maven.plugins:maven-dependency-plugin:2.9:copy -Dartifact=org.onap.aaf.authz:aaf-shiro-aafrealm-osgi-bundle:${AAF_SHIRO_VERSION} -DoutputDirectory=${targetDir}/data
  mv ${targetDir}/data/aaf-shiro-aafrealm-osgi-bundle-*.jar ${targetDir}/data/aaf-shiro-aafrealm-osgi-bundle.jar
  
+echo "Setting keyfile to readonly"
+chmod 400 ${targetDir}/data/stores/org.onap.appc.keyfile
+
  echo "Downloading CDT Proxy Jar from nexus"
  mvn -U ${mavenOpts} org.apache.maven.plugins:maven-dependency-plugin:2.9:copy -Dartifact=org.onap.appc.cdt:cdt-proxy-service:${APPC_CDT_VERSION} -DoutputDirectory=${targetDir}/cdt-proxy-service
  mv ${targetDir}/cdt-proxy-service/cdt-proxy-service-*.jar ${targetDir}/cdt-proxy-service/cdt-proxy-service.jar
diff --git a/installation/src/main/properties/cadi.properties b/installation/src/main/properties/cadi.properties

index 9d8e0cb..ba1b253 100644 (file)
--- a/installation/src/main/properties/cadi.properties
+++ b/installation/src/main/properties/cadi.properties
@@ -17,38 +17,41 @@
  # limitations under the License.
  # ============LICENSE_END=========================================================
  ###
-hostname=localhost
- 
-csp_devl_localhost=true
-
-# should this be onap.org?
-basic_realm=onap.org
-
-basic_warn=TRUE
- 
-cadi_loglevel=DEBUG
- 
-aaf_taf_class=com.att.cadi.aaf.v2_0.AAFTaf
-aaf_domain_support=.org
-
-# add location of keyfile to use encrypted password
-#cadi_keyfile=/opt/appc/data/stores/appckeyfile
-#cadi_keystore=etc/keystore/truststore2018.jks
-#cadi_keystore_password=changeit 
- 
-AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=false
-
-cadi_protocols=TLSv1.1,TLSv1.2
-
-# Configure AAF
-aaf_url=http://10.12.5.148:8101
-
-aaf_id=admin@appc.onap.org
-
-# to use encrypted password ensure cadi_keyfile location has been set
-aaf_password=appc_admin
-
-aaf_timeout=5000 
-aaf_clean_interval=30000 
-aaf_user_expires=5000 
-aaf_high_count=1000 
-\ No newline at end of file
+#hostname=localhost
+
+cadi_loglevel=INFO
+
+############################################################
+# Properties Generated by AT&T Certificate Manager
+# @copyright 2016, AT&T
+############################################################
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/onap/appc/data/stores/org.onap.appc.keyfile
+cadi_keystore=/opt/onap/appc/data/stores/org.onap.appc.p12
+cadi_keystore_password=enc:4DVUTKvRCCtebQrKskDsuKFIHLzOf2M9XxNOhVIK4xb
+#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
+cadi_alias=appc@appc.onap.org
+cadi_truststore=/opt/onap/appc/data/stores/truststoreONAPall.jks
+cadi_truststore_password=enc:O3Vtv5e77OQWJ_OiLC9Atj3ngyYfulRK519JYFmbKl7
+
+##
+## org.osaaf.location.props
+##
+## Localized Machine Information
+##
+# Almeda California ?
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-onap-beijing-test.osaaf.org
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+# AAF Environment Designation
+aaf_env=DEV
+
+# OAuth2 Endpoints
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+\ No newline at end of file
diff --git a/installation/src/main/stores/ONAPall.p12 b/installation/src/main/stores/ONAPall.p12

deleted file mode 100644 (file)

index 36121ee..0000000

Binary files a/installation/src/main/stores/ONAPall.p12 and /dev/null differ
diff --git a/installation/src/main/stores/keystore.clientnew.p12 b/installation/src/main/stores/keystore.clientnew.p12

deleted file mode 100644 (file)

index 932889e..0000000

Binary files a/installation/src/main/stores/keystore.clientnew.p12 and /dev/null differ
diff --git a/installation/src/main/stores/org.onap.appc.keyfile b/installation/src/main/stores/org.onap.appc.keyfile

new file mode 100644 (file)

index 0000000..2bbe2aa
--- /dev/null
+++ b/installation/src/main/stores/org.onap.appc.keyfile
@@ -0,0 +1,27 @@
+QO2Mv5stW6eqbdrGwVYa_OedojcAzSoL4YyQhK6rTFXcsidODGaLSNi8kxc9xPmHe3yHxDf6_ivv
+y9gigX4Ijg0skJZIycd1f_-xL31fndnvDvx9eE4CDTVCDhieAEviYzi3MiyaHUMvLX5RXVGgKrb8
+jn4trFqzeKCntHYIwhEBEfOdTi59UjCXaH-oYC0UMaD4N0d1XxSR9xEGAUg4JqbarKmS5LeYQNro
+xyOfmE-4odEIAs4PO4XKyFQAEUsXVIMhPZFQdDqRaMx5AqinKhBsgNBWAeyAIVv--VpA--adsH-4
+SlA5MCEbN7b9OrRHEsDZSQGyJdaf3Hzixh5sMIyxsI7tL0Sm1PRqyX9dhwrD1vkKZp9rBLi1FbQX
+J1-oky0Luk9ulqrlgPPYH7LsIuowm3sl0cRk_A0DkUs8oVZM0yo8sYNjd9Si7qrE7uuPgszPeZgC
+3AMUMVK05uTWrd4sT7uQI-1YCp24XQBjvlWmaCDbQEw6Xct1PDOKosJIdXVJlCvbkOGS_Uhhyd3g
+2Yb6hoS2CPb8l41pA70zS6SmvPz3BwJKc9UKqX-UMqGTh50YeaYPUUXK_pZJTXxQwNQSXfqdMQwD
+eqwAocTbAzUbXgVRfLTwAm5QEp3khvtv8Xb8xGNCQfhSHOi_qpJCXv1Fw7LSnl4lK7KWTfpBrX7w
+s2HXG1OBzgJKBSMlQqOJEfHfn9Tn1XZiaGmeq0AMUURKrbgCoIyRjKhSpMBbCKcJLpa-emmAOoi0
+04l51G4Xj7xUoC_riTJbXXgJESzJ2UD0NfZFTK0shXsxca7-Tokz6XF2l6lMEpJdvyhKfANbjF_n
+hlCKEjFdO6v_T8GjTdBLTd4y6QX-CzsN0o8n0DolDoA_52pSaZ4jwlKgdmAiV1vODzb_Tp9-_082
+_CbYH-er-fzlOG6SH20MiqSgv_ywtyVrro5HMIT2pKKyMK54OsGltXcQAh0Le_UfsGicsnKbmq3m
+YuAXy43mbqdTk57hsVQ32L_ijj7SG1LLte99ky5-WRq1Yogzfp84MMG_EsT9qowoKSVziiicAayR
+-FTbvwJzeBbsMhYiIyqcpPrsifkRQndzLb5Q-jjWjxp947kxFTXrppetqmtoHhSjU2fTMorzaKTD
+gEUvzPIDnbLkoDUONjtNAOSxrd37LKmzeg_2HvpAKRTre9utwITuePVJp_EeP2zk8Q42MusUbZVa
+U2ELj1ib0torx1taEF9he0tah262ugDKZ6ymsaEnglavgQ1gquAja7_HBiwZZlddJyQ0PKb7EVAH
+9LWJIgS2ejjOI551X8U9UfCWiNqVjmq56ydbVQqKbEfcXuZkjOjSrwJP_rbTZizHyiWkpu-htLrj
+veeUok9UjowD4dH299rfiAu-zhiAoHYu6lahoPmRdmorLJ48W5Fo9XentFDmHisZrMUdC_ZZQ4fI
+QAc8s7mkmn9UJ1vU2vwfqEg92oXvAx4l5k-tYWbxcb7PSlK4MJiGYd4-QmdvYIl31vuvlQrktWRJ
+nwb09CTXM9GfKil93JTG2-pPqIjJkFNGk0oXXeJ9Fqr-T0Q3ca0iLXR8tGxw3Nvu_XPpUVxghzM_
+mUGD0cD6Fj9-LWCMtS5FgnmmcFpCGOOgAJVt4rsuigH5De-TmRmiV89uLUCsZBtD7C919YaRcxRX
+VvqQir2umIMWPoUfjBnYaej2P3wF2GMK6QNwyBqr77JVzlUvbn4BwGCyPodF8p5BaF06bmzT39o-
+eqm5yWdQlu9ZnU532KlbQYEhqGnlUdix0_wsx3rZ9csnOicTsxDk8cm2ERXcxxzdOohLp9yRb1-K
+QEdJ9FhGTZZN2MfrMwEcdZGg_Rc0cSiMjKZ6P5O29JE5yOyffgBB6nDAGJ8rqjNKjb0AEVHjKhwj
+VD8cjcOQubgHx0-1PXEp8fpPVatAANm9AxhCeDSP2CLrFAWffgtz28Iq2pFrOOMbLp6G34fYYsS1
+Z1VI2JyjD7Us1_IKAsB4bY-aL-HyYmu5GiGN0yYSnUF1DoZU1MEa7snVuOJ4fDhq7cxvVS44
+\ No newline at end of file
diff --git a/installation/src/main/stores/org.onap.appc.p12 b/installation/src/main/stores/org.onap.appc.p12

new file mode 100644 (file)

index 0000000..f732b57

Binary files /dev/null and b/installation/src/main/stores/org.onap.appc.p12 differ
diff --git a/installation/src/main/stores/truststoreONAPall.jks b/installation/src/main/stores/truststoreONAPall.jks

new file mode 100644 (file)

index 0000000..2da1dcc

Binary files /dev/null and b/installation/src/main/stores/truststoreONAPall.jks differ
author	Ryan Young <ry303t@att.com>
	Thu, 7 Jun 2018 18:54:32 +0000 (14:54 -0400)
committer	Ryan Young <ry303t@att.com>
	Thu, 7 Jun 2018 18:56:01 +0000 (14:56 -0400)
installation/appc/pom.xml		patch \| blob \| history
installation/appc/src/main/scripts/installZips.sh		patch \| blob \| history
installation/src/main/properties/cadi.properties		patch \| blob \| history
installation/src/main/stores/ONAPall.p12	[deleted file]	patch \| blob \| history
installation/src/main/stores/keystore.clientnew.p12	[deleted file]	patch \| blob \| history
installation/src/main/stores/org.onap.appc.keyfile	[new file with mode: 0644]	patch \| blob
installation/src/main/stores/org.onap.appc.p12	[new file with mode: 0644]	patch \| blob
installation/src/main/stores/truststoreONAPall.jks	[new file with mode: 0644]	patch \| blob